---------------------------------------------------------------------- BETA test the new Secunia Personal Software Inspector! The Secunia PSI detects installed software on your computer and categorises it as either Insecure, End-of-Life, or Up-To-Date. Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors. Download the free PSI BETA from the Secunia website: https://psi.secunia.com/ ---------------------------------------------------------------------- TITLE: SUSE update for bind SECUNIA ADVISORY ID: SA26308 VERIFY ADVISORY: http://secunia.com/advisories/26308/ CRITICAL: Moderately critical IMPACT: Spoofing WHERE: >From remote OPERATING SYSTEM: SUSE Linux Enterprise Server 9 http://secunia.com/product/4118/ UnitedLinux 1.0 http://secunia.com/product/2003/ SuSE Linux Standard Server 8 http://secunia.com/product/2526/ SuSE Linux Openexchange Server 4.x http://secunia.com/product/2001/ SuSE Linux Enterprise Server 8 http://secunia.com/product/1171/ SUSE Linux 10.1 http://secunia.com/product/10796/ SUSE Linux 10 http://secunia.com/product/6221/ openSUSE 10.2 http://secunia.com/product/13375/ SOFTWARE: Novell Open Enterprise Server http://secunia.com/product/4664/ DESCRIPTION: SUSE has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache. For more information: SA26152 SOLUTION: Apply updated packages. x86 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/bind-9.3.2-56.3.i586.rpm 48abc8f128c76c49e021005ffa37e9ee ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/bind-libs-9.3.2-56.3.i586.rpm f240048ef7c3534bfc38fec305dd3544 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/bind-utils-9.3.2-56.3.i586.rpm cebf7e1d7c0c26298a7b30dd0571074c SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/bind-9.3.2-17.18.i586.rpm 0a6d5f40bb95626e04bc090a89011901 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/bind-libs-9.3.2-17.18.i586.rpm f44c83eb3a7971001c58675dbde639be ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/bind-utils-9.3.2-17.18.i586.rpm bb311a19785da40e826827b2acfcad72 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/bind-9.3.2-56.3.i586.rpm a75a13517fe07dda2f3f6def7de206f0 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/bind-devel-9.3.2-56.3.i586.rpm 0745b6d2b41259c86269632a03804372 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/bind-doc-9.3.2-56.3.i586.rpm 14df9b80e49a627f4d5313e9cf95fc97 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/bind-libs-9.3.2-56.3.i586.rpm 9e4ef221bfde5aee6a94c904a98b2fc3 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/bind-lwresd-9.3.2-56.3.i586.rpm 35fc7567db77d89561e991176ff0f6a4 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/bind-utils-9.3.2-56.3.i586.rpm 46fdb7a792c81d8a597ee7bd046a0f65 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/nss_lwres-0.93-6.3.i586.rpm 0cea0ad2440d863eb5082138184e64ad Power PC Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/bind-9.3.2-56.3.ppc.rpm 8ba1e6488407ee636e2df2ed28a6e762 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/bind-libs-9.3.2-56.3.ppc.rpm 0c08f744bf7a730b1da5253372689ab9 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/bind-utils-9.3.2-56.3.ppc.rpm d9ac9c156a8290b7fb36281648a687bb SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/bind-9.3.2-17.18.ppc.rpm 01196536550eb52905def53425a33fdb ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/bind-libs-9.3.2-17.18.ppc.rpm c89a99c0076346029af97c7d700292b1 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/bind-utils-9.3.2-17.18.ppc.rpm 3065af7b1739cc9c9210ac4c2ea2fb20 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/bind-9.3.2-56.3.ppc.rpm 39fa5b6d2d6d05bf7b7e6ab10a26450b ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/bind-devel-9.3.2-56.3.ppc.rpm 01927c9dba84b552fe4678ea545a0e1f ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/bind-doc-9.3.2-56.3.ppc.rpm e19c2a378da251d2298b39c8913bbee6 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/bind-libs-9.3.2-56.3.ppc.rpm e38ecdcbcf9d4c45308d9cc0c6130a50 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/bind-lwresd-9.3.2-56.3.ppc.rpm c3461c9830feb17ae4152d6c5152b4e1 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/bind-utils-9.3.2-56.3.ppc.rpm 61a09dd2a49b0fc851a75c910c784b45 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/nss_lwres-0.93-6.3.ppc.rpm 4f54b429356e3c3cd63025c828ee7fda x86-64 Platform: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/bind-9.3.2-56.3.x86_64.rpm a6f05877f1e67aa034510787ab4c5eb5 ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/bind-libs-32bit-9.3.2-56.3.x86_64.rpm b425e8ccab18397b345d3a264fb6385e ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/bind-libs-9.3.2-56.3.x86_64.rpm 9802cea2b3e51e15838280d71529543b ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/bind-utils-9.3.2-56.3.x86_64.rpm 5a826a5d01b13ad46825af5ec0be47d9 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/bind-9.3.2-17.18.x86_64.rpm 366c78e6581c683de19367aba4b4ec18 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/bind-libs-32bit-9.3.2-17.18.x86_64.rpm 67d44342aac8bb90cbc30cde05028ef5 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/bind-libs-9.3.2-17.18.x86_64.rpm d14194bd4c8fd21292e619beb4b45e30 ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/bind-utils-9.3.2-17.18.x86_64.rpm 169e61fbf1d14c74f3111129964f5781 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/bind-9.3.2-56.3.x86_64.rpm abcc76ac1cfde1240debb90bb9a6e4d4 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/bind-devel-9.3.2-56.3.x86_64.rpm c9d75ab01b6ec59a33ee057761b27689 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/bind-doc-9.3.2-56.3.x86_64.rpm fb7f24a49961a51038148c3e7ddc02fb ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/bind-libs-32bit-9.3.2-56.3.x86_64.rpm da1ba6adf8548175c2e2c20f82ac3aea ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/bind-libs-9.3.2-56.3.x86_64.rpm eefb912d78be2d68336f5ba3e4af7da4 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/bind-lwresd-9.3.2-56.3.x86_64.rpm 68e60bd1dc5f3e7aeef46fb9cde0eb90 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/bind-utils-9.3.2-56.3.x86_64.rpm bfbbfd8863c5d95ba01b3706b8070ed1 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/nss_lwres-0.93-6.3.x86_64.rpm d2b01545788cc682d85ccec56a279d63 Sources: openSUSE 10.2: ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/bind-9.3.2-56.3.src.rpm 38e0184897ace16acfe0c05bdc495db9 SUSE LINUX 10.1: ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/bind-9.3.2-17.18.src.rpm 2d3b097dfc202b56b43b9fe32c7e3c32 SUSE LINUX 10.0: ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/bind-9.3.2-56.3.src.rpm 32e43c29bdcd6fe8de2afd4de2e56918 ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/nss_lwres-0.93-6.3.src.rpm fc699b0b5d8fd0ad309789323dcbab21 Maintenance customers are advised to apply the updated packages from the maintenance web: UnitedLinux 1.0 http://support.novell.com/techcenter/psdb/b90103f8211b22803a126a1781f9c870.html SuSE Linux Openexchange Server 4 http://support.novell.com/techcenter/psdb/b90103f8211b22803a126a1781f9c870.html SuSE Linux Enterprise Server 8 http://support.novell.com/techcenter/psdb/b90103f8211b22803a126a1781f9c870.html SuSE Linux Standard Server 8 http://support.novell.com/techcenter/psdb/b90103f8211b22803a126a1781f9c870.html SuSE Linux School Server http://support.novell.com/techcenter/psdb/b90103f8211b22803a126a1781f9c870.html SUSE LINUX Retail Solution 8 http://support.novell.com/techcenter/psdb/b90103f8211b22803a126a1781f9c870.html SUSE Linux Enterprise Server 10 SP1 http://support.novell.com/techcenter/psdb/9661e828c0e56d3297ed6fc60453d1e7.html SLE SDK 10 SP1 http://support.novell.com/techcenter/psdb/9661e828c0e56d3297ed6fc60453d1e7.html SUSE Linux Enterprise Desktop 10 SP1 http://support.novell.com/techcenter/psdb/9661e828c0e56d3297ed6fc60453d1e7.html Open Enterprise Server http://support.novell.com/techcenter/psdb/c9ea0bc14d84824dc2e54f71907d6322.html Novell Linux POS 9 http://support.novell.com/techcenter/psdb/c9ea0bc14d84824dc2e54f71907d6322.html Novell Linux Desktop 9 http://support.novell.com/techcenter/psdb/c9ea0bc14d84824dc2e54f71907d6322.html SUSE SLES 9 http://support.novell.com/techcenter/psdb/c9ea0bc14d84824dc2e54f71907d6322.html ORIGINAL ADVISORY: http://www.novell.com/linux/security/advisories/2007_47_bind.html OTHER REFERENCES: SA26152: http://secunia.com/advisories/26152/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------