Note: This is an archival copy of Security Sun Alert 275890 as previously published on http://sunsolve.sun.com. The latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1021798.1.
Category: Security
Release Phase: Resolved
Applies to: OpenSolaris Operating System - Version: All Versions
Sun Software > Operating Systems > Solaris Operating System
All Platforms

Description

Multiple security vulnerabilities have been identified in BIND DNSSEC bundled with Solaris:

1. An authentication security vulnerability in named(1M) may allow a remote unprivileged user to cause named(1M) to return incorrect addresses for Internet hosts, thereby redirecting end users to unintended hosts or services.

This issue is also referenced in the following documents:
US-CERT Vulnerability Note VU#418861 at http://www.kb.cert.org/vuls/id/418861
CVE-2009-4022 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022

2. A vulnerability in the way named(1M) handles recursive client queries may allow a remote unprivileged user to cause named(1M) to return NXDOMAIN (Non-Existent Domain) for Internet hosts, thus causing a Denial of Service (DoS) for those hosts to end users.

This issue is also referenced in the following documents:
US-CERT Vulnerability Note VU#360341 at http://www.kb.cert.org/vuls/id/360341
CVE-2010-0097 at http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097 and also at https://www.isc.org/advisories/CVE-2010-0097

Likelihood of Occurrence

These issues can occur in the following releases:

SPARC Platform
Notes:

1. BIND shipped with Solaris 8 does not support DNSSEC and is therefore not impacted by this issue.

2. Only systems with the BIND named(1M) service enabled and configured as a DNSSEC-validating nameserver are impacted by this issue. To verify if BIND is running on a system, the following command can be run:

    $ pgrep named && echo 'BIND is running'

   To be a DNSSEC-validating nameserver requires trust anchors to be configured at this time. Check for "trusted-keys" statements in '/etc/named.conf' and in the files included by 'named.conf', as in the following example:

    $ grep "trusted-keys" /etc/named.conf

3. OpenSolaris distributions may include additional bug fixes above and beyond the base build from which they were derived. The base build can be derived as follows:

    $ uname -a

Possible Symptoms

There are no predictable symptoms that would indicate the described issues have occurred.

Workaround or Resolution

These issues are addressed in the following releases:

SPARC Platform
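The trusted-keys check in note 2 greps only /etc/named.conf itself, although the note says included files must be checked too. As an added example, not part of the Sun Alert, the following POSIX shell script performs that check while following the `include "file";` statements in named.conf recursively, and wraps it with the pgrep check for a complete local assessment. It assumes BIND 9 named.conf syntax and, as a simplification, resolves relative include paths against the including file's directory; the configuration snippets used to exercise it are constructed.

```shell
#!/bin/sh
# Added example, not part of Sun Alert 275890: decide whether a BIND
# configuration declares DNSSEC trust anchors ("trusted-keys"), following
# `include "file";` statements recursively, as the advisory's note 2 asks.
# Assumes BIND 9 named.conf syntax; /* */ block comments are not stripped,
# so a commented-out statement inside one would still match.

# Drop // and # line comments from FILE so commented-out lines do not match.
strip_comments() {
    sed -e 's|//.*$||' -e 's|#.*$||' "$1"
}

# Print the files pulled in by include statements in FILE, one per line.
# Relative paths are resolved against the including file's directory here
# (an assumption of this example; named resolves them against its own
# working directory).
list_includes() {
    strip_comments "$1" |
        sed -n -e 's/^[[:space:]]*include[[:space:]]*"\([^"]*\)".*/\1/p' |
        while IFS= read -r inc; do
            case "$inc" in
                /*) printf '%s\n' "$inc" ;;
                *)  printf '%s/%s\n' "$(dirname "$1")" "$inc" ;;
            esac
        done
}

# has_trusted_keys FILE [DEPTH]: return 0 if FILE or any file it includes
# contains a trusted-keys statement. DEPTH bounds the recursion so an
# include loop terminates. Only positional parameters are used, so the
# recursive calls do not clobber each other's state.
has_trusted_keys() {
    [ -r "$1" ] || return 1
    [ "${2:-0}" -lt 8 ] || return 1
    if strip_comments "$1" | grep 'trusted-keys' >/dev/null; then
        printf 'trusted-keys found in %s\n' "$1"
        return 0
    fi
    while IFS= read -r inc; do
        [ -n "$inc" ] || continue
        has_trusted_keys "$inc" $(( ${2:-0} + 1 )) && return 0
    done <<EOF
$(list_includes "$1")
EOF
    return 1
}

# Full local check from the advisory: named must be running AND validating.
check_named_validating() {
    pgrep named >/dev/null 2>&1 || { echo 'BIND is not running'; return 1; }
    has_trusted_keys "${1:-/etc/named.conf}"
}
```

Run `check_named_validating` on the nameserver (optionally with the path of a non-default named.conf); a zero exit status means the system matches the advisory's contributing factor.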
For more information on Security Sun Alerts, see Document ID: 1009886.1

Patches

119783-15
119784-15
112837-21
114265-20

Modification History

10-Mar-2010: Updated Contributing Factors and Resolution sections for Solaris 10 patches
07-Jun-2010: Updated Contributing Factors and Resolution sections for Solaris 9 patches, issue is Resolved

References

PATCH:112837-21
PATCH:114265-20
SUNPATCH:119783-15
SUNPATCH:119784-15