[Bug 399012] Re: [Intrepid] Security issue could allow dns-poisoning
Launchpad Bug Tracker
399012 at bugs.launchpad.net
Mon Jul 13 23:18:34 UTC 2009
This bug was fixed in the package djbdns - 1:1.05-2ubuntu0.1
---------------
djbdns (1:1.05-2ubuntu0.1) intrepid-security; urgency=low
* SECURITY UPDATE: Matthew Dempsky discovered that Daniel J. Bernstein's
djbdns, a Domain Name System server, does not constrain offsets in the
required manner, which allows remote attackers with control over a
third-party subdomain served by tinydns and axfrdns, to trigger DNS
responses containing arbitrary records via crafted zone data for this
subdomain. (LP: #399012)
- CVE-2009-0858
- http://shinobi.dempsky.org/~matthew/djbdns-bug/patch
-- Andreas Moog <amoog at ubuntu.com> Mon, 13 Jul 2009 22:55:59 +0200
** Changed in: djbdns (Ubuntu)
Status: In Progress => Fix Released
--
[Intrepid] Security issue could allow dns-poisoning
https://bugs.launchpad.net/bugs/399012
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list