TITLE: HP Tru64 UNIX DNS BIND Unspecified Vulnerability SECUNIA ADVISORY ID: SA18690 VERIFY ADVISORY: http://secunia.com/advisories/18690/ CRITICAL: Highly critical IMPACT: System access WHERE: >From remote OPERATING SYSTEM: HP Tru64 UNIX 5.x http://secunia.com/product/2/ HP Tru64 UNIX 4.x http://secunia.com/product/6/ DESCRIPTION: A vulnerability has been reported in HP Tru64 UNIX, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an unspecified error in DNS BIND. This can be exploited to gain unauthorised, privileged access to an affected system. The vulnerability affects the following versions: * HP Tru64 UNIX 5.1B-3 * HP Tru64 UNIX 5.1B-2/PK4 * HP Tru64 UNIX 5.1A PK6 * HP Tru64 UNIX 4.0G PK4 * HP Tru64 UNIX 4.0F PK8 SOLUTION: Apply ERP kits. HP Tru64 UNIX Version 5.1B-3: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1000207-V51BB26-ES-20051212 MD5 Checksum: b4cc5c0dd9dbec8d644444e8036f44dc HP Tru64 UNIX Version 5.1B-2/PK4: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1000208-V51BB25-ES-20051213 MD5 Checksum: 6b388a0067f3e26a3a161edf28506769 HP Tru64 UNIX Version 5.1A PK6: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1000209-V51AB24-ES-20051213 MD5 Checksum: 02b95600c15c35ad2991ec247c3cd9fb HP Tru64 UNIX Version 4.0G PK4: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1000211-V40GB22-ES-20051210 MD5 Checksum: 6f44f115dc564d67c073fa56989634c1 HP Tru64 UNIX Version 4.0F PK8: http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1000210-V40FB22-ES-20051210 MD5 Checksum: db6ce0a77906512ba45bc10cc8c518a7 PROVIDED AND/OR DISCOVERED BY: Reported by vendor. ORIGINAL ADVISORY: http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00595837 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------