Vulnerability Bulletins |
Múltiples vulnerabilidades en "bind9" |
|
Vulnerability classification |
|
| Property | Value |
| Confidence level | Oficial |
| Impact | Denegación de Servicio |
| Dificulty | Avanzado |
| Required attacker level | Acceso remoto con cuenta |
System information |
|
| Property | Value |
| Affected manufacturer | GNU/Linux |
| Affected software | bind9 |
Description |
|
|
Se han descubierto múltiples vulnerabilidades en "bind 9". Las vulnerabilidades son descritas a continuación: CVE-2010-3762: La vulnerabilidad reside cuando la validación "DNSSEC" se encuentra activa, al no manejar correctamente ciertas firmas incorrectas cuando existen múltiples anclajes en una única zona. Un atacante remoto podría causar denegación de servicio mediante consultas DNS. CVE-2010-3614: La vulnerabilidad reside al no determinar correctamente el estado de seguridad de un "NSRRset" durante un algoritmo "DNSKEY". Un atacante podría causar un impacto desconocido mediante métodos no especificados. CVE-2010-3613: La vulnerabilidad reside en el manejo correcto de respuestas negativas firmadas y registros "RRSIG" en la cache. Un atacante remoto podría causar un ataque de denegación de servicio mediante una consulta a los datos en cacheados. |
|
Solution |
|
|
Actualización de software Debian (DSA-2130-1) Debian GNU/Linux 5.0 http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg.orig.tar.gz http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1.diff.gz http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1.dsc Architecture independent packages: http://security.debian.org/pool/updates/main/b/bind9/bind9-doc_9.6.ESV.R3+dfsg-0+lenny1_all.deb alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_alpha.deb amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_amd64.deb arm architecture (ARM) http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_arm.deb http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_arm.deb http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_arm.deb http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_arm.deb http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_arm.deb http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_arm.deb http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_arm.deb http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_arm.deb http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_arm.deb http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_arm.deb http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_arm.deb http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_arm.deb armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_armel.deb http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_armel.deb http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_armel.deb http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_armel.deb http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_armel.deb http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_armel.deb http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_armel.deb http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_armel.deb http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_armel.deb http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_armel.deb http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_armel.deb http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_armel.deb hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_hppa.deb i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_i386.deb http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_i386.deb http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_i386.deb http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_i386.deb http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_i386.deb http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_i386.deb http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_i386.deb http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_i386.deb http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_i386.deb http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_i386.deb http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_i386.deb http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_i386.deb ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_ia64.deb mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_mips.deb http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_mips.deb http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_mips.deb http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_mips.deb http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_mips.deb http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_mips.deb http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_mips.deb http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_mips.deb http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_mips.deb http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_mips.deb http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_mips.deb http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_mips.deb mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_mipsel.deb powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_powerpc.deb s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_s390.deb http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_s390.deb http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_s390.deb http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_s390.deb http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_s390.deb http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_s390.deb http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_s390.deb http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_s390.deb http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_s390.deb http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_s390.deb http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_s390.deb http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_s390.deb sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/b/bind9/libisccc50_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb http://security.debian.org/pool/updates/main/b/bind9/libisccfg50_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb http://security.debian.org/pool/updates/main/b/bind9/bind9utils_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb http://security.debian.org/pool/updates/main/b/bind9/liblwres50_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb http://security.debian.org/pool/updates/main/b/bind9/libbind9-50_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb http://security.debian.org/pool/updates/main/b/bind9/libdns58_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb http://security.debian.org/pool/updates/main/b/bind9/bind9_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb http://security.debian.org/pool/updates/main/b/bind9/libisc50_9.6.ESV.R3+dfsg-0+lenny1_sparc.deb Red Hat (RHSA-2010:0975-1) Red Hat Enterprise Linux Desktop (v. 6) Red Hat Enterprise Linux Desktop Optional (v. 6) Red Hat Enterprise Linux HPC Node (v. 6) Red Hat Enterprise Linux HPC Node Optional (v. 6) Red Hat Enterprise Linux Servidor (v. 6) Red Hat Enterprise Linux Servidor Optional (v. 6) Red Hat Enterprise Linux Workstation (v. 6) Red Hat Enterprise Linux Workstation Optional (v. 6) https://rhn.redhat.com/ Red Hat (RHSA-2010:0976-1) RHEL Desktop Workstation (v. 5 cliente) Red Hat Enterprise Linux (v. 5 servidor) Red Hat Enterprise Linux Desktop (v. 5 cliente) https://rhn.redhat.com/ Red Hat (RHSA-2010:1000-1) Red Hat Enterprise Linux AS version 4 Red Hat Enterprise Linux Desktop version 4 Red Hat Enterprise Linux ES version 4 Red Hat Enterprise Linux WS version 4 https://rhn.redhat.com/ |
|
Standar resources |
|
| Property | Value |
| CVE |
CVE-2010-3613 CVE-2010-3614 CVE-2010-3613 |
| BID | |
Other resources |
|
|
Debian Security Advisory (DSA-2130-1) http://lists.debian.org/debian-security-announce/2010/msg00182.html Red Hat Security Advisory (RHSA-2010:0975-01) https://rhn.redhat.com/errata/RHSA-2010-0975.html Red Hat Security Advisory (RHSA-2010:0976-01) https://rhn.redhat.com/errata/RHSA-2010-0976.html Red Hat Security Advisory (RHSA-2010:1000-01) https://rhn.redhat.com/errata/RHSA-2010:1000-01.html |
|
Version history |
||
| Version | Comments | Date |
| 1.0 | Aviso emitido | 2010-12-13 |
| 1.1 | Aviso emitido por Red Hat (RHSA-2010:0975-01) | 2010-12-15 |
| 1.2 | Aviso emitido por Red Hat (RHSA-2010:0976-01) | 2010-12-15 |
| 1.3 | Aviso emitido por Red Hat (RHSA-2010:1000-01) | 2010-12-23 |