Software Engineering Institute

Notified:  November 12, 2002 Updated: December 03, 2002

Status

Affected

Vendor Statement

Affected Systems: Mac OS X and Mac OS X Server with BIND versions 8.1, 8.2 to 8.2.6, and 8.3.0 to 8.3.3

Mitigating Factors: BIND is not enabled by default on Mac OS X or Mac OS X Server

This is addressed in Security Update 2002-11-21

http://www.apple.com/support/security/security_updates.html

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Notified:  November 12, 2002 Updated: November 14, 2002

Status

Affected

Vendor Statement

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- --------------------------------------------------------------------------

PACKAGE   : bind
SUMMARY   : Remote vulnerabilities in the BIND DNS server
DATE      : 2002-11-14 15:36:00
ID        : CLA-2002:546
RELEVANT
RELEASES  : 6.0

- -------------------------------------------------------------------------

DESCRIPTION
"bind" is probably the most used DNS server on the internet.

 ISS reported[7] buffer overflow and denial of service vulnerabilities
in some versions of the BIND software. The most dangerous one, the
buffer overflow, could be used by remote attacker to execute
arbitrary code on the server with the privileges of the user running
the "named" process.

 The vulnerabilities explained below affect BIND as shipped with
Conectiva Linux 6.0. Conectiva Linux 7.0 and 8 already ship BIND 9.x,
which is not vulnerable to the problems reported by ISS.

 1) Buffer overflow (CAN-2002-1219) [5]
An attacker who can make a vulnerable BIND server make recursive
queries to a domain that he (the attacker) controls can exploit this
vulnerability and execute arbitrary code on the server with the same
privileges as the "named" process. The BIND packages in Conectiva
Linux run the "named" process with an unprivileged user, and not
root, which mitigates the impact of this vulnerability somewhat,
requiring that the attacker take further steps to obtain root access.
Additionally, there is the bind-chroot package which, if used, runs
the server in a chroot area under /var/named which imposes an
additional restriction on the actions a potential intruder can take.

 2) Denial of service (CAN-2002-1221) [6]
The BIND server can be triggered into attempting a NULL pointer
dereference which will terminate the service. This can be caused by a
remote attacker who controls a DNS server authoritative for some
domain queried by the vulnerable BIND server.


 The packages available through this advisory were built with patches
that were made publicly available[3] by ISC less than 24 hours ago.
Conectiva Linux and the majority of other GNU/Linux distributions
were notified about this vulnerability (but with not enough details
to produce a patch) about 12 hours before ISS made it public[7]. We
are worried about the way in which this whole incident has been
handled, specially when considering that DNS is part of the internet
infrastructure and thus a vital service.

 We, and many vendors, do believe in what is commonly called
"responsible full disclosure"[8], where all details about a
vulnerability are made public after all vendors were notified in
advance and have had a reasonable amount of time to prepare and test
updated packages. We believe this to be the most secure and
responsible method for disclosing vulnerabilities.


SOLUTION
All BIND users should upgrade immediately. After the upgrade, the
named service will be automatically restarted if needed.

 If it is not possible to upgrade the packages immediately, users
should disable recursive queries or restrict them. Disabling
recursive queries can be done by the "recursion no;" parameter in the
options section of the named.conf configuration file. Restricting
access to such queries can be accomplished via the "allow-recursion"
directive in the same configuration file.


 REFERENCES
1.http://www.isc.org/
2.http://www.cert.org/advisories/CA-2002-31.html
3.http://www.isc.org/products/BIND/patches/bind826.diff
4.http://www.isc.org/products/BIND/bind-security.html
5.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1219
6.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1221
7.https://gtoc.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469
8.http://distro.conectiva.com.br/seguranca/problemas/?idioma=en


DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES
ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/bind-8.2.6-1U60_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/bind-chroot-8.2.6-1U60_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/bind-8.2.6-1U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/bind-chroot-8.2.6-1U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/bind-devel-8.2.6-1U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/bind-devel-static-8.2.6-1U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/bind-doc-8.2.6-1U60_2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/bind-utils-8.2.6-1U60_2cl.i386.rpm


ADDITIONAL INSTRUCTIONS
Users of Conectiva Linux version 6.0 or higher may use apt to perform
upgrades of RPM packages:
- add the following line to /etc/apt/sources.list if it is not there yet
  (you may also use linuxconf to do this):

 rpm [cncbr] ftp://atualizacoes.conectiva.com.br 6.0/conectiva updates

(replace 6.0 with the correct version number if you are not running CL6.0)

 - run:                 apt-get update
- after that, execute: apt-get upgrade

 Detailed instructions reagarding the use of apt and upgrade examples
can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en


- -------------------------------------------------------------------------
All packages are signed with Conectiva's GPG key. The key and instructions
on how to import it can be found at
http://distro.conectiva.com.br/seguranca/chave/?idioma=en
Instructions on how to check the signatures of the RPM packages can be
found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en
- -------------------------------------------------------------------------
All our advisories and generic update instructions can be viewed at
http://distro.conectiva.com.br/atualizacoes/?idioma=en

- -------------------------------------------------------------------------
subscribe: conectiva-updates-subscribe@papaleguas.conectiva.com.br
unsubscribe: conectiva-updates-unsubscribe@papaleguas.conectiva.com.br
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE9099O42jd0JmAcZARAiZGAKDMz0e8eiF+0Zws8sQkvkE5NcHKywCg24tc
ixMwRpolJ8skSz3KyrLfVjM=
=Smdc
-----END PGP SIGNATURE-----

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Notified:  November 12, 2002 Updated: November 14, 2002

Status

Affected

Vendor Statement

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

+------------------------------------------------------------------------+
| EnGarde Secure Linux Security Advisory               November 14, 2002 |
| http://www.engardelinux.org/                          ESA-20021114-029 |
|                                                                        |
| Packages: bind-chroot, bind-chroot-utils                               |
| Summary:  buffer overflow, DoS attacks.                                |
+------------------------------------------------------------------------+

  EnGarde Secure Linux is a secure distribution of Linux that features
 improved access control, host and network intrusion detection, Web
 based secure remote management, e-commerce, and integrated open source
 security tools.

OVERVIEW
- --------
 Several vulnerabilities were found in the BIND nameserver.  The
 vulnerabilities, discovered by ISS, range from buffer overflows to
 denial of service (DoS) attacks.

  The summaries below are from the ISS advisory which may be found at:

    http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469

  * CAN-2002-1219 -- BIND SIG Cached RR Overflow Vulnerability

    "A buffer overflow exists in BIND 4 and 8 that may lead to remote
    compromise of vulnerable DNS servers. An attacker who controls any
    authoritative DNS server may cause BIND to cache DNS information
    within its internal database, if recursion is enabled. Recursion is
    enabled by default unless explicitly disabled via command line
    options or in the BIND configuration file. Attackers must either
    create their own name server that is authoritative for any domain,
    or compromise any other authoritative server with the same criteria.
    Cached information is retrieved when requested by a DNS client. There
    is a flaw in the formation of DNS responses containing SIG resource
    records (RR) that can lead to buffer overflow and execution of
    arbitrary code."

  * CAN-2002-1220 -- BIND OPT DoS

    "Recursive BIND 8 servers can be caused to abruptly terminate due to
    an assertion failure. A client requesting a DNS lookup on a
    nonexistent sub- domain of a valid domain name may cause BIND 8 to
    terminate by attaching an OPT resource record with a large UDP
    payload size. This DoS may also be triggered for queries on domains
    whose authoritative DNS servers are unreachable."

  * CAN-2002-1221 -- BIND SIG Expiry Time DoS

    "Recursive BIND 8 servers can be caused to abruptly terminate due to a
    null pointer dereference. An attacker who controls any authoritative
    name server may cause vulnerable BIND 8 servers to attempt to cache
    SIG RR elements with invalid expiry times. These are removed from the
    BIND internal database, but later improperly referenced, leading to a
    DoS condition."

  All users should upgrade as soon as possible.

SOLUTION
- --------
 Users of the EnGarde Professional edition can use the Guardian Digital
 Secure Network to update their systems automatically.

  EnGarde Community users should upgrade to the most recent version
 as outlined in this advisory.  Updates may be obtained from:

    ftp://ftp.engardelinux.org/pub/engarde/stable/updates/
   http://ftp.engardelinux.org/pub/engarde/stable/updates/

  Before upgrading the package, the machine must either:

    a) be booted into a "standard" kernel; or
   b) have LIDS disabled.

  To disable LIDS, execute the command:

    # /sbin/lidsadm -S -- -LIDS_GLOBAL

  To install the updated package, execute the command:

    # rpm -Uvh files

  You must now update the LIDS configuration by executing the command:

    # /usr/sbin/config_lids.pl

  To re-enable LIDS (if it was disabled), execute the command:

    # /sbin/lidsadm -S -- +LIDS_GLOBAL

  To verify the signatures of the updated packages, execute the command:

    # rpm -Kv files

UPDATED PACKAGES
- ----------------
 These updated packages are for EnGarde Secure Linux Community
 Edition.

  Source Packages:

    SRPMS/bind-chroot-8.2.6-1.0.29.src.rpm
     MD5 Sum: 3c845d09bcbe9b07e5395d75a8686689

  Binary Packages:

    i386/bind-chroot-8.2.6-1.0.29.i386.rpm
     MD5 Sum: 0c1daf47be94ae0fd5a29e4007bf68c2

    i386/bind-chroot-utils-8.2.6-1.0.29.i386.rpm
     MD5 Sum: 58e0e54d895b8dc3c6f6b5e9228912fb

    i686/bind-chroot-8.2.6-1.0.29.i686.rpm
     MD5 Sum: 84cb58f02d228859a2fbda3ed1b46dd5

    i686/bind-chroot-utils-8.2.6-1.0.29.i686.rpm
     MD5 Sum: 20fb3e4a34cecb431511308afe027941

REFERENCES
- ----------
 Guardian Digital's public key:
   http://ftp.engardelinux.org/pub/engarde/ENGARDE-GPG-KEY

  BIND's Official Web Site:
   http://www.isc.org/products/BIND/

  Security Contact:   security@guardiandigital.com
 EnGarde Advisories: http://www.engardelinux.org/advisories.html

- --------------------------------------------------------------------------
$Id:ESA-20021114-029-bind-chroot,v1.42002/11/1410:02:51rwmExp$
- --------------------------------------------------------------------------
Author: Ryan W. Maple <ryan@guardiandigital.com>
Copyright 2002, Guardian Digital, Inc.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE903h0HD5cqd57fu0RAgQ2AJ4h+6JBMcFRlC3vKwfRi7dnMRE69ACbBQoO
jReNCYKqxnuwuvOLsRqhznY=
=9v8+
-----END PGP SIGNATURE-----

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Notified:  November 12, 2002 Updated: November 18, 2002

Status

Affected

Vendor Statement

The AIX operating system is vulnerable to the named and DNS resolver issues in releases 4.3.3, 5.1.0 and 5.2.0. Temporary patches will be available through an efix package by 11/22/2002 or before. The efix will be available at the following URL:

ftp://ftp.software.ibm.com/aix/efixes/security/bind_multiple_efix.tar.Z

AIX 4.3.3 APAR IY37088 (available approx 11/27/2002 )
AIX 5.1.0 APAR IY37019 (available approx 12/18/2002 )
AIX 5.2.0 APAR TBA (available approx TBA )

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Notified:  November 12, 2002 Updated: November 14, 2002

Status

Affected

Vendor Statement

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

                Mandrake Linux Security Update Advisory
________________________________________________________________________

Package name:           bind
Advisory ID:            MDKSA-2002:077
Date:                   November 14th, 2002

Affected versions:      7.2, Single Network Firewall 7.2
________________________________________________________________________

Problem Description:

 Several vulnerabilities were discovered in the BIND8 DNS server by ISS
(Internet Security Services), including a remotely exploitable buffer
overflow.  The first vulnerability is how named handles SIG records;
this buffer overflow can be exploited to obtain access to the victim
host with the privilege of the user the named process is running as.
By default, Mandrake Linux is configured to run the named process as
the named user.  To successfully exploit this vulnerability, the
attacker must control an existing DNS domain and must be allowed to
perform a recursive query.

 A possible work-around is to restrict recursive requests, however
MandrakeSoft encourages all users to upgrade to the provided BIND9
packages.  You can also completely disable recursion by adding
"recursion no;" to the options section of /etc/named.conf.

 Several Denial of Service problems also exist in BIND8 that allow
attackers to terminate the named process.  At least one of these
vulnerabilities seems to be exploitable even when the attacker is
not permitted to perform recursive queries, so the work-around noted
above is not effective against this DoS.

 Both problems are not reported to effect BIND9.  As Linux-Mandrake
7.2 and Single Network Firewall 7.2 are the only supported distributions
to still ship BIND8, we have elected to upgrade to both a patched
version of BIND8 and BIND9.  The BIND8 packages contain the patch
ISC made available late on the 13th, contrary to their original
advisory which called for them to be made available next week.  Despite
this, however, MandrakeSoft encourages everyone who is able to upgrade
to BIND9 rather than BIND8.

 The MandrakeSoft security team wishes to apologize to MandrakeSoft
customers for not being able to provide timely fixes for this problem,
and regrets the inability of the ISC to work with the Internet community
at large to provide adequate protection to users of BIND.
________________________________________________________________________

References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1219
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1220
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1221
 http://www.kb.cert.org/vuls/id/852283
 http://www.kb.cert.org/vuls/id/229595
 http://www.isc.org/products/BIND/bind-security.html
 http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469
________________________________________________________________________

Updated Packages:

 Linux-Mandrake 7.2:
f3ca1559f7d2fbe17a2ec6dab327bb7e  7.2/RPMS/bind-8.3.3-2.1mdk.i586.rpm
0ccd937ec59aa9775f79b05f62d4718c  7.2/RPMS/bind-9.2.1-2.3mdk.i586.rpm
783ab2327c7e7983a07a8043d3355bbb  7.2/RPMS/bind-devel-8.3.3-2.1mdk.i586.rpm
bbf717f0f71098ab6c2293d9dbd1c1bd  7.2/RPMS/bind-devel-9.2.1-2.3mdk.i586.rpm
47a2418adcd190b22956407a667fbc9e  7.2/RPMS/bind-utils-8.3.3-2.1mdk.i586.rpm
56b9c086c299cdfd367ae87f14db711b  7.2/RPMS/bind-utils-9.2.1-2.3mdk.i586.rpm
df34fbecce2e6c61695fcee11a525fea  7.2/RPMS/caching-nameserver-8.1-3.2mdk.noarch.rpm
f9d914230ec37be01ad4d00abcde0280  7.2/SRPMS/bind-8.3.3-2.1mdk.src.rpm
8660bd628168c52478b0f766d0ab676c  7.2/SRPMS/bind-9.2.1-2.3mdk.src.rpm
904b9064763803d24afc79e7140146a4  7.2/SRPMS/caching-nameserver-8.1-3.2mdk.src.rpm

 Single Network Firewall 7.2:
f3ca1559f7d2fbe17a2ec6dab327bb7e  snf7.2/RPMS/bind-8.3.3-2.1mdk.i586.rpm
0ccd937ec59aa9775f79b05f62d4718c  snf7.2/RPMS/bind-9.2.1-2.3mdk.i586.rpm
47a2418adcd190b22956407a667fbc9e  snf7.2/RPMS/bind-utils-8.3.3-2.1mdk.i586.rpm
56b9c086c299cdfd367ae87f14db711b  snf7.2/RPMS/bind-utils-9.2.1-2.3mdk.i586.rpm
df34fbecce2e6c61695fcee11a525fea  snf7.2/RPMS/caching-nameserver-8.1-3.2mdk.noarch.rpm
f9d914230ec37be01ad4d00abcde0280  snf7.2/SRPMS/bind-8.3.3-2.1mdk.src.rpm
8660bd628168c52478b0f766d0ab676c  snf7.2/SRPMS/bind-9.2.1-2.3mdk.src.rpm
904b9064763803d24afc79e7140146a4  snf7.2/SRPMS/caching-nameserver-8.1-3.2mdk.src.rpm
________________________________________________________________________

Bug IDs fixed (see https://qa.mandrakesoft.com for more information):
________________________________________________________________________

To upgrade automatically, use MandrakeUpdate.  The verification of md5
checksums and GPG signatures is performed automatically for you.

If you want to upgrade manually, download the updated package from one
of our FTP server mirrors and upgrade with "rpm -Fvh *.rpm".  A list of
FTP mirrors can be obtained from:

  http://www.mandrakesecure.net/en/ftp.php

Please verify the update prior to upgrading to ensure the integrity of
the downloaded package.  You can do this with the command:

  rpm --checksig <filename>

All packages are signed by MandrakeSoft for security.  You can obtain
the GPG public key of the Mandrake Linux Security Team from:

  https://www.mandrakesecure.net/RPM-GPG-KEYS

Please be aware that sometimes it takes the mirrors a few hours to
update.

You can view other update advisories for Mandrake Linux at:

  http://www.mandrakesecure.net/en/advisories/

MandrakeSoft has several security-related mailing list services that
anyone can subscribe to.  Information on these lists can be obtained by
visiting:

  http://www.mandrakesecure.net/en/mlist.php

If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
 <security linux-mandrake.com>

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.7 (GNU/Linux)

mQGiBDlp594RBAC2tDozI3ZgQsE7XwxurJCJrX0L5vx7SDByR5GHDdWekGhdiday
L4nfUax+SeR9SCoCgTgPW1xB8vtQc8/sinJlMjp9197a2iKM0FOcPlkpa3HcOdt7
WKJqQhlMrHvRcsivzcgqjH44GBBJIT6sygUF8k0lU6YnMHj5MPc/NGWt8wCg9vKo
P0l5QVAFSsHtqcU9W8cc7wMEAJzQsAlnvPXDBfBLEH6u7ptWFdp0GvbSuG2wRaPl
hynHvRiE01ZvwbJZXsPsKm1z7uVoW+NknKLunWKB5axrNXDHxCYJBzY3jTeFjsqx
PFZkIEAQphLTkeXXelAjQ5u9tEshPswEtMvJvUgNiAfbzHfPYmq8D6x5xOw1IySg
2e/LBACxr2UJYCCB2BZ3p508mAB0RpuLGukq+7UWiOizy+kSskIBg2O7sQkVY/Cs
iyGEo4XvXqZFMY39RBdfm2GY+WB/5NFiTOYJRKjfprP6K1YbtsmctsX8dG+foKsD
LLFs7OuVfaydLQYp1iiN6D+LJDSMPM8/LCWzZsgr9EKJ8NXiyrQ6TGludXggTWFu
ZHJha2UgU2VjdXJpdHkgVGVhbSA8c2VjdXJpdHlAbGludXgtbWFuZHJha2UuY29t
PohWBBMRAgAWBQI5aefeBAsKBAMDFQMCAxYCAQIXgAAKCRCaqNDQIkWKmK6LAKCy
/NInDsaMSI+WHwrquwC5PZrcnQCeI+v3gUDsNfQfiKBvQSANu1hdulqIRgQQEQIA
BgUCOtNVGQAKCRBZ5w3um0pAJJWQAKDUoL5He+mKbfrMaTuyU5lmRyJ0fwCgoFAP
WdvQlu/kFjphF740XeOwtOqIRgQQEQIABgUCOu8A6QAKCRBynDnb9lq3CnpjAJ4w
Pk0SEE9U4r40IxWpwLU+wrWVugCdFfSPllPpZRCiaC7HwbFcfExRmPaIRgQQEQIA
BgUCPI+UAwAKCRDniYrgcHcf8xK5AKCm/Mq8qP8GE0o1hEX22QsJMZwH5gCfZ72H
8TacOb3oAmBdprf+K6gkdOiIRgQQEQIABgUCOtOieAAKCRCv2bZyU0yB80MeAJ9K
+jXt0cKuaUonRU+CRGetk6t9dgCfTRRL6/puOKdD6md70+K5EBBSvsG0OE1hbmRy
YWtlIExpbnV4IFNlY3VyaXR5IFRlYW0gPHNlY3VyaXR5QG1hbmRyYWtlc29mdC5j
b20+iFcEExECABcFAjyPnuUFCwcKAwQDFQMCAxYCAQIXgAAKCRCaqNDQIkWKmFi+
AJsHhohgnU3ik4+gy3EdFlB2i/MBoACg6lHn5cnVvTcmgNccWxeNxLLZI5e5AQ0E
OWnn7xAEAOQlTVY4TiNo5V/iP0J1xnqjqlqZsU7yEBKo/gZz6/+hx75RURe1ebiJ
9F779FQbpJ9Epz1KLSXvq974rnVb813zuGdmgFyk+ryA/rTR2RQ8h+EoNkwmATzR
xBXVJb57fFQjxOu4eNjZAtfII/YXb0uyXXrdr5dlJ/3eXrcO4p0XAAMFBACCxo6Z
269s+A4v8C6Ui12aarOQcCDlV8cVG9LkyatU3FNTlnasqwo6EkaP572448weJWwN
6SCXVl+xOYLiK0hL/6Jb/O9Agw75yUVdk+RMM2I4fNEi+y4hmfMh2siBv8yEkEvZ
jTcl3TpkTfzYky85tu433wmKaLFOv0WjBFSikohGBBgRAgAGBQI5aefvAAoJEJqo
0NAiRYqYid0AoJgeWzXrEdIClBOSW5Q6FzqJJyaqAKC0Y9YI3UFlE4zSIGjcFlLJ
EJGXlA==
=yGlX
- -----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE9083UmqjQ0CJFipgRAnHHAKCpU7M0s+/oktmfBXt3YmuV0Fk9EgCgxqKw
0TMmPB4TZgcFOv+PVexxc58=
=01Zu
-----END PGP SIGNATURE-----

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Notified:  November 12, 2002 Updated: December 03, 2002

Status

Affected

Vendor Statement

"NetID version 4.3.1 and below is affected by the vulnerabilities identified in CERT/CC Advisory CA-2002-31. A bulletin and patched builds are available from the following Nortel Networks support contacts:

North America: 1-800-4NORTEL or 1-800-466-7835
Europe, Middle East and Africa: 00800 8008 9009, or +44 (0) 870 907 9009

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Notified:  November 12, 2002 Updated: December 03, 2002

Status

Affected

Vendor Statement

BIND 4.9.10-OW2 includes the patch provided by ISC and thus has the two vulnerabilities affecting BIND 4 fixed. Previous versions of BIND 4.9.x-OW patches, if used properly, significantly reduced the impact of the "named" vulnerability. The patches are available at their usual location:

http://www.openwall.com/bind/

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.