[Bug 176971] Re: dns caches posioned

bdolango Brian.Dolan-Goecke at TIES.k12.mn.us
Thu Mar 13 21:42:09 GMT 2008 

Sorry it took so long to get back to you.

I will have to dig up version numbers.  But basically we had machines
with the most recent Ubuntu 6.06 DNS/Bind package running.  And they
were poisoned.  The machines were not breached, the systems were fine,
just DNS/Bind were filled with incorrect DNS information (poisioned).

When investigating the issue we noticed there was an updated version of
ISC DNS Bind that was not incorporated into the most recent Ubuntu 6.06
DNS Bind package.

This is the package I had installed,

bdolango at dnscache1:~$ sudo apt-cache showpkg bind9
Package: bind9
Versions: 
1:9.3.2-2ubuntu1.3(/var/lib/apt/lists/us.archive.ubuntu.com_ubuntu_dists_dapper-updates_main_binary-i386_Packages)(/var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_dapper-security_main_binary-i386_Packages)(/var/lib/dpkg/status)
1:9.3.2-2ubuntu1(/var/lib/apt/lists/us.archive.ubuntu.com_ubuntu_dists_dapper_main_binary-i386_Packages)

Reverse Depends: 
  gforge-dns-bind9,bind9
  dnsutils,bind9 1:9.1.0-3
  ultrapossum-dnsbalance,bind9
  resolvconf,bind9 1:9.2.1-7
  meta-ul-server-base,bind9
  ldap2dns,bind9
  gforge-dns-bind9,bind9
  education-main-server,bind9
  dnscvsutil,bind9
  dhis-tools-dns,bind9
  dhis-dns-engine,bind9
  autodns-dhcp,bind9
  dnsutils,bind9 1:9.1.0-3
Dependencies: 
1:9.3.2-2ubuntu1.3 - libbind9-0 (0 (null)) libc6 (2 2.3.4-1) libdns21 (0
(null)) libisc11 (0 (null)) libisccc0 (0 (null)) libisccfg1 (0 (null))
liblwres9 (0 (null)) libssl0.9.8 (2 0.9.8a-1) netbase (0 (null)) adduser
(0 (null)) libdns21 (5 1:9.3.2-2ubuntu1.3) libisccfg1 (5
1:9.3.2-2ubuntu1.3) libisc11 (5 1:9.3.2-2ubuntu1.3) libisccc0 (5
1:9.3.2-2ubuntu1.3) lsb-base (2 3.0-6) dnsutils (0 (null)) bind9-doc (0
(null)) bind (0 (null)) bind (0 (null)) dnsutils (3 1:9.1.0-3) 
1:9.3.2-2ubuntu1 - libbind9-0 (0 (null)) libc6 (2 2.3.4-1) libdns21 (0
(null)) libisc11 (0 (null)) libisccc0 (0 (null)) libisccfg1 (0 (null))
liblwres9 (0 (null)) libssl0.9.8 (2 0.9.8a-1) netbase (0 (null)) adduser
(0 (null)) libdns21 (5 1:9.3.2-2ubuntu1) libisccfg1 (5 1:9.3.2-2ubuntu1)
libisc11 (5 1:9.3.2-2ubuntu1) libisccc0 (5 1:9.3.2-2ubuntu1) lsb-base (2
3.0-6) dnsutils (0 (null)) bind9-doc (0 (null)) bind (0 (null)) bind (0
(null)) dnsutils (3 1:9.1.0-3) 
Provides: 
1:9.3.2-2ubuntu1.3 - 
1:9.3.2-2ubuntu1 - 
Reverse Provides: 


The version I installed from ISC is 9.4.2

==>brian.


On Tue, 2008-03-11 at 15:25 +0000, Kees Cook wrote:
> Thanks for the report.  The bind9 in dapper should contain all security
> fixes from later releases.  Do you have any other details about the
> situation you've been seeing?
> 
> ** Changed in: bind9 (Ubuntu)
>        Status: Triaged => Incomplete
>

-- 
dns caches posioned
https://bugs.launchpad.net/bugs/176971
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to bind9 in ubuntu.

More information about the Ubuntu-server-bugs mailing list