Oval Definition:oval:org.mitre.oval:def:5761
Revision Date:2015-04-20Version:27
Title:HP-UX Running BIND, Remote DNS Cache Poisoning
Description:The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug."
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2008-1447
Platform(s):HP-UX 11
Product(s):
Definition Synopsis
  • Criteria meets HP Security Bulletin HPSBUX02351
  • HP-UX B.11.11
  • AND BindUpgrade.BIND-UPGRADE version is less than C.9.3.2.3.0
  • OR Criteria meets HP Security Bulletin HPSBUX02351
  • HP-UX B.11.23
  • AND filesets tests
  • InternetSrvcs.INETSVCS-INETD is installed
  • OR InternetSrvcs.INETSVCS-RUN is installed
  • OR InternetSrvcs.INETSVCS2-RUN is installed
  • AND NOT Patch PHNE_37865 is installed
  • OR Criteria meets HP Security Bulletin HPSBUX02351
  • HP-UX B.11.23
  • AND filesets tests
  • BindUpgrade.BIND-UPGRADE version is less than C.9.3.2.3.0
  • OR BindUpgrade.BIND2-UPGRADE version is less than C.9.3.2.3.0
  • OR Criteria meets HP Security Bulletin HPSBUX02351
  • HP-UX B.11.11
  • AND BINDv920.INETSVCS-BIND version is less than B.11.11.01.011
  • OR Criteria meets HP Security Bulletin HPSBUX02351
  • HP-UX B.11.31
  • AND filesets tests
  • NameService.BIND-AUX version is less than C.9.3.2.3.0
  • OR NameService.BIND-RUN version is less than C.9.3.2.3.0
    • BACK