科技行者

行者学院 转型私董会 科技行者专题报道 网红大战科技行者

知识库

知识库 安全导航

至顶网安全频道全球DNS曝出重大漏洞 各大IT厂商联手应对

全球DNS曝出重大漏洞 各大IT厂商联手应对

  • 扫一扫
    分享文章到微信

  • 扫一扫
    关注官方公众号
    至顶头条

DNS协议是TCP/IP协议组的一部分,允许DNS客户端查询DNS数据库将主机名解析为IP地址。出于与处理DNS查询相关的处理时间和带宽考虑,大多数DNS服务器都会本地存储从其他DNS服务器所接收到的响应,存储这些响应的区域被称为缓存。

作者:赛迪网 来源:赛迪网 2008年7月15日

关键字: 漏洞 DNS DNS漏洞

  • 评论
  • 分享微博
  • 分享邮件

DNS协议是TCP/IP协议组的一部分,允许DNS客户端查询DNS数据库将主机名解析为IP地址。出于与处理DNS查询相关的处理时间和带宽考虑,大多数DNS服务器都会本地存储从其他DNS服务器所接收到的响应,存储这些响应的区域被称为缓存。

发布日期:2008-07-08

更新日期:2008-07-10

受影响系统:

Cisco IOS 12.4

Cisco IOS 12.3

Cisco IOS 12.2

Cisco IOS 12.1

Cisco IOS 12.0

ISC BIND 9.5.x

ISC BIND 9.4.x

ISC BIND 9.3.x

ISC BIND 9.2.x

ISC BIND 8.x.x

Microsoft Windows XP SP3

Microsoft Windows XP SP2

Microsoft Windows Server 2003 SP2

Microsoft Windows Server 2003 SP1

Microsoft Windows 2000SP4

Sun Solaris 9.0_x86

Sun Solaris 9.0

Sun Solaris 8.0_x86

Sun Solaris 8.0

Sun Solaris 10.0_x86

Sun Solaris 10.0

Cisco Network Registrar 7.0.x

Cisco Network Registrar 6.3.x

Cisco Network Registrar 6.1.x

Cisco Network Registrar

Cisco ACNS 5.5

描述:

----------------------------------------------------------------------------

BUGTRAQ ID: 30131

CVE(CAN) ID: CVE-2008-1447

DNS协议是TCP/IP协议组的一部分,允许DNS客户端查询DNS数据库将主机名解析为IP地址。

出于与处理DNS查询相关的处理时间和带宽考虑,大多数DNS服务器都会本地存储从其他DNS服务器所接收到的响应,存储这些响应的区域被称为缓存。一旦将响应存储到了缓存,DNS服务器就可以在再次查询DNS服务器以刷新本地缓存的响应拷贝之前的一段时间(被称为存活时间)使用本地存储的响应。

DNS缓存中毒攻击指的是更改了DNS服务器的DNS缓存中某项,这样缓存中与主机名相关的IP地址就不再指向正确的位置。例如,如果www.example.com映射到IP地址192.168.0.1且DNS服务器的缓存中存在这个映射,则成功向这个服务器的DNS缓存投毒的攻击者就可以将www.example.com映射到10.0.0.1。在这种情况下,试图访问www.example.com的用户就可能与错误的Web服务器联络。

DNS协议实现规范中包括一个16位的事件ID字段。如果正确地实现了这个规范且通过强随机数生成器随机的选择事件ID的话,攻击者就需要平均32,768次尝试才能成功的预测到这个ID。但由于协议实现中的弱点,用于验证DNS响应的DNS事件ID和源端口号随机性不够强,可以轻易的预测,这就允许攻击者创建匹配期望值的DSN请求伪造响应,而DNS服务器会认为该响应有效,因此简化了缓存中毒攻击。

成功利用这个漏洞可能导致DNS服务器的用户联络错误的网络服务供应商,最终的影响各不相同,从简单的拒绝服务到网络钓鱼和金融诈骗。

<*来源:Dan Kaminsky

链接:http://secunia.com/advisories/31012/

http://secunia.com/advisories/31011/

http://secunia.com/advisories/30980/

http://secunia.com/advisories/30979/

http://secunia.com/advisories/30973/

http://www.kb.cert.org/vuls/id/800113

http://www.us-cert.gov/cas/techalerts/TA08-190B.html

http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx?pf=true

http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml

http://www.debian.org/security/2008/dsa-1605

http://www.debian.org/security/2008/dsa-1604

http://www.debian.org/security/2008/dsa-1603

http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-239392-1

https://www.redhat.com/support/errata/RHSA-2008-0533.html

建议:

----------------------------------------------------------------------------

厂商补丁:

Cisco

-----

Cisco已经为此发布了一个安全公告(cisco-sa-20080708-dns)以及相应补丁:

cisco-sa-20080708-dns:Multiple Cisco Products Vulnerable to DNS Cache Poisoning Attacks

链接:http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml

Debian

------

Debian已经为此发布了一个安全公告(DSA-1603-1)以及相应补丁:

DSA-1603-1:New bind9 packages fix cache poisoning

链接:http://www.debian.org/security/2008/dsa-1603

补丁下载:

Source archives:

http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3.dsc

Size/MD5 checksum: 897 aeb15f8babb1e6e38367b9f19fea87da

http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4.orig.tar.gz

Size/MD5 checksum: 4043577 198181d47c58a0a9c0265862cd5557b0

http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3.diff.gz

Size/MD5 checksum: 302126 521abea46b1104f2251cc398f30af303

Architecture independent packages:

http://security.debian.org/pool/updates/main/b/bind9/bind9-doc_9.3.4-2etch3_all.deb

Size/MD5 checksum: 189560 46ff778db82d2e171d292ecac93ea9b6

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_alpha.deb

Size/MD5 checksum: 98154 bbdbcd3d0840f5ffcf4eaddf5a8c253f

http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_alpha.deb

Size/MD5 checksum: 1407380 ca8995875e76a25de6f32a47f62ea876

http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_alpha.deb

Size/MD5 checksum: 226088 93100774ae6da891caf9fa27a2134cdf

http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_alpha.deb

Size/MD5 checksum: 112616 bca5dcca8abff15f4f9cc911f9f94818

http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_alpha.deb

Size/MD5 checksum: 322286 677fdcf8e9a8c272a08ed47a79e09209

http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_alpha.deb

Size/MD5 checksum: 190084 87d64554a1cdde9f58cc850f7d5961a1

http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_alpha.deb

Size/MD5 checksum: 96508 48ba9fc0e884f093e95988bd4e088b9c

http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_alpha.deb

Size/MD5 checksum: 564862 7b23948d7c741d4f287698d28385ce71

http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_alpha.deb

Size/MD5 checksum: 188742 5dd8024a9864137f4529785fcc9c9231

http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_alpha.deb

Size/MD5 checksum: 116534 2e7dc9ea95bae40dc396ff504abb03bb

http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_alpha.deb

Size/MD5 checksum: 115784 b961fd6c797a2d1422ae588bfc25ed9d

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_amd64.deb

Size/MD5 checksum: 224294 4d33744bb92300b061cad41dd8de7ea5

http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_amd64.deb

Size/MD5 checksum: 1111932 e43ced7eae496d7835247a068bef4a66

http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_amd64.deb

Size/MD5 checksum: 190742 9e39ced5d3464594b9dda6ce683fc653

http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_amd64.deb

Size/MD5 checksum: 319008 e36a35983ebc5061e8669ef7f004a851

http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_amd64.deb

Size/MD5 checksum: 552414 c93c2863bddd5661010ae3472e210aa8

http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_amd64.deb

Size/MD5 checksum: 95922 f114eb76add0d7dabad1d082d38ccf08

http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_amd64.deb

Size/MD5 checksum: 117072 a70d1d96ea01aa24fb9642e09133824f

http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_amd64.deb

Size/MD5 checksum: 187646 70372cec3522356dcd00901ea64714d4

http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_amd64.deb

Size/MD5 checksum: 111270 6dc6edfcca9fecb28c7e66d31ab14a74

http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_amd64.deb

Size/MD5 checksum: 114722 905d0f9b7b5ebc0308c54158e71d03cc

http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_amd64.deb

Size/MD5 checksum: 96704 09d3c850f12a6c1f6eab4e800a118c87

arm architecture (ARM)

http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_arm.deb

Size/MD5 checksum: 107888 b2ea4933e233a1af8dd1e5ee641999a2

http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_arm.deb

Size/MD5 checksum: 112714 27b1fde9b144cacb1ae06a441d7c5787

http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_arm.deb

Size/MD5 checksum: 116076 cafc3294083de02518ab5fe0f0488c3b

http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_arm.deb

Size/MD5 checksum: 532206 a005bdff779fed950e4750231d0184b2

http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_arm.deb

Size/MD5 checksum: 187364 72fdca60a20876be71b678028cefc316

http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_arm.deb

Size/MD5 checksum: 95752 bce98b259a2821d59f6e6b441b491d77

http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_arm.deb

Size/MD5 checksum: 182950 26a15d51a4e6f1ea1dda99ab4d3ea34c

http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_arm.deb

Size/MD5 checksum: 217686 97f538e27ab7c765b514a9ce59869a41

http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_arm.deb

Size/MD5 checksum: 95168 374d7f18915fc8eb6b775d272cf28f2e

http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_arm.deb

Size/MD5 checksum: 1074498 fdada51888027e9c3e89961b31a48ded

http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_arm.deb

Size/MD5 checksum: 311078 43d1c044b0cc81b072b8962ad3b8f019

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_hppa.deb

Size/MD5 checksum: 96986 bba6d0a611b7088e284564b430f91405

http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_hppa.deb

Size/MD5 checksum: 97140 14f3dacd102208700660873637dea18b

http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_hppa.deb

Size/MD5 checksum: 185570 012eb78b091c0991988a95160df7d65d

http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_hppa.deb

Size/MD5 checksum: 115822 d717418b7ec770e5419e0941670eab19

http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_hppa.deb

Size/MD5 checksum: 543342 201331119c074430d503b68dc210e187

http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_hppa.deb

Size/MD5 checksum: 1258146 2f092d0708338d0a3ac8924218fee0d7

http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_hppa.deb

Size/MD5 checksum: 315070 bc8d94bec7b1c8cf80f64fb72d1f38e5

http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_hppa.deb

Size/MD5 checksum: 187942 1cd85afac13850d1807a5b50b9d3262f

http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_hppa.deb

Size/MD5 checksum: 114612 912dc2007ca7cb6097a3e6a4e98897e3

http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_hppa.deb

Size/MD5 checksum: 217378 49276452262a155ba17db2ad8c66e3e2

http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_hppa.deb

Size/MD5 checksum: 113466 428d268ce8ad5386c1af758ca4cff2ce

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_i386.deb

Size/MD5 checksum: 106034 ce4d4a024472317185d4c6492b7d30df

http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_i386.deb

Size/MD5 checksum: 180292 1fd02a86a31b68a8db2407904495a0db

http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_i386.deb

Size/MD5 checksum: 94838 9dbc2734dd8b8bb7c3e7684faabea64e

http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_i386.deb

Size/MD5 checksum: 206330 a22fb6cb47d6e449007d665b9e6d8c52

http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_i386.deb

Size/MD5 checksum: 113162 b9bc5fa7f96313235a53ab6fd819b58b

http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_i386.deb

Size/MD5 checksum: 472708 9edfb07c186a93aea1a2e602e0ee6335

http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_i386.deb

Size/MD5 checksum: 94822 d2fc00416dc090a535b280f48eee7f46

http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_i386.deb

Size/MD5 checksum: 169930 47c43c9738afb7ed72618930dc702ed3

http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_i386.deb

Size/MD5 checksum: 296722 dd1979969210386fc36d119e19e12cc2

http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_i386.deb

Size/MD5 checksum: 996528 56db22ee21e053443e72ccd11a25181b

http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_i386.deb

Size/MD5 checksum: 110134 5491e4e33e43f1300840b62947690b7a

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_ia64.deb

Size/MD5 checksum: 232052 eb9215cb2ba71ded815b4ca6f0ac0744

http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_ia64.deb

Size/MD5 checksum: 99978 ceee4c1dc16fdf2d7fefe1aee6d8dd85

http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_ia64.deb

Size/MD5 checksum: 393324 553b67ca638482db8e1586d231f03abe

http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_ia64.deb

Size/MD5 checksum: 740264 a30c98b25296a147d47d7f44c8418883

http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_ia64.deb

Size/MD5 checksum: 127606 33d62368c2ce437e660708eb6b0ffe2b

http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_ia64.deb

Size/MD5 checksum: 216344 0a0b33f34dbeb744bd8af8ad8388048f

http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_ia64.deb

Size/MD5 checksum: 125806 3aafce71b9e4ecaf01602c409a355b54

http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_ia64.deb

Size/MD5 checksum: 1584302 d982b4443c38056cdeb80b327ee36f3a

http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_ia64.deb

Size/MD5 checksum: 117782 ae8ae735a8054ff473d305b06c90c68a

http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_ia64.deb

Size/MD5 checksum: 102432 4443f6e43cc1e4c7448965a0501bfe54

http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_ia64.deb

Size/MD5 checksum: 280866 c20244c3a06177b934ac804b382b85c7

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_mips.deb

Size/MD5 checksum: 174012 cf61e15aa7c79b40ae94a3c1d08ba496

http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_mips.deb

Size/MD5 checksum: 301476 4094fd919da162322ea07d62378cc664

http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_mips.deb

Size/MD5 checksum: 110326 be73e626902012ca986d4192804017e7

http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_mips.deb

Size/MD5 checksum: 180490 dde7f37a0a2456190461f5f26bf30ab6

http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_mips.deb

Size/MD5 checksum: 1229398 37af92bf5074d9a260fd4ff5346dc4b8

http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_mips.deb

Size/MD5 checksum: 211386 8083484e19ebc9099022954350c6baf7

http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_mips.deb

Size/MD5 checksum: 94992 46f858e2ed33a864539476d25bd9b44f

http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_mips.deb

Size/MD5 checksum: 94230 6bfa6b8d78c46567a341f6174f9aa874

http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_mips.deb

Size/MD5 checksum: 491862 fc2d747a29c0116da5936b4964ef8146

http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_mips.deb

Size/MD5 checksum: 113268 58fb17d2ee0415e13fdad4727534b6cc

http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_mips.deb

Size/MD5 checksum: 107912 5834642a56bb9548510f8cd0a3ae766f

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_mipsel.deb

Size/MD5 checksum: 299514 0b5de102f7ddf83d497498b320613556

http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_mipsel.deb

Size/MD5 checksum: 488260 7b85b99ea5c24f74e531bbd9056672e9

http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_mipsel.deb

Size/MD5 checksum: 1205384 a3211957988d4aaae40776ff41cf6a01

http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_mipsel.deb

Size/MD5 checksum: 113016 dddd0a37c778cd68696318a7adc1abcd

http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_mipsel.deb

Size/MD5 checksum: 110254 6754bc57fcac807b5569531f7e821802

http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_mipsel.deb

Size/MD5 checksum: 174148 23e91bbb42a44ca80535079660813277

http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_mipsel.deb

Size/MD5 checksum: 179630 fa26c51aa248cb502ac54544bdd6ced0

http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_mipsel.deb

Size/MD5 checksum: 210904 21784fc7019a384e78ecc94a10f4e315

http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_mipsel.deb

Size/MD5 checksum: 94936 2068abe2f2e78675ad94ea28579efc87

http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_mipsel.deb

Size/MD5 checksum: 107166 2cfce41a4fc41aa9986cdef01e09705d

http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_mipsel.deb

Size/MD5 checksum: 94098 c95a157cfa3feef62450afdef3fe65a8

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_powerpc.deb

Size/MD5 checksum: 173606 9618a781d59f94f751e18db86cf6b948

http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_powerpc.deb

Size/MD5 checksum: 112276 e786724068250eb53c475a3e51035d51

http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_powerpc.deb

Size/MD5 checksum: 113842 4961da1e75c17f3f00621acfc06d10fe

http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_powerpc.deb

Size/MD5 checksum: 488428 b777fc3fe13b319817f955f116b40e83

http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_powerpc.deb

Size/MD5 checksum: 1167832 75f402f7bf328da5deee364f4266558d

http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_powerpc.deb

Size/MD5 checksum: 96204 57ec688c7f24161e347054dc93fbd757

http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_powerpc.deb

Size/MD5 checksum: 96170 77d5b9189a05f2b3dca7901bff6e56df

http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_powerpc.deb

Size/MD5 checksum: 301276 dddf71278c1f4afbbc49019248f4328e

http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_powerpc.deb

Size/MD5 checksum: 109288 8fd2b3005fcf95e3616ec8a77b3ad322

http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_powerpc.deb

Size/MD5 checksum: 183310 b9eb85b58aaf29a3106d16410c0d379a

http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_powerpc.deb

Size/MD5 checksum: 206830 b286690dde8d1412c2de3fa99f7d3c5b

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_s390.deb

Size/MD5 checksum: 114234 23a30b0e26db0210a1be48c4d44b6d7f

http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_s390.deb

Size/MD5 checksum: 331864 7c3fab929f1e29873ecfc7c7c4b52ddc

http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_s390.deb

Size/MD5 checksum: 116656 8abeeeb22e800f63e4b30e0c2dd974e0

http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_s390.deb

Size/MD5 checksum: 1137342 820a17acdc24ef1dd0c1db7b8e6fc470

http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_s390.deb

Size/MD5 checksum: 233948 635487d4e6ea4d15704bb14b8cf9236c

http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_s390.deb

Size/MD5 checksum: 196598 2198086ee8c358aa3ed5046708a31f45

http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_s390.deb

Size/MD5 checksum: 194704 c897d956b11161ae8e31e4bffb489883

http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_s390.deb

Size/MD5 checksum: 118140 e5e11d59852a32dcd1b78b4aabd22fff

http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_s390.deb

Size/MD5 checksum: 95664 050d558c3d06e520fb4e6c6cebd520c3

http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_s390.deb

Size/MD5 checksum: 579484 6fc80f5cde0c2d01b49ae53f027eeecc

http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_s390.deb

Size/MD5 checksum: 97786 5dda64259aa80e1c2e085e7fc2430299

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch3_sparc.deb

Size/MD5 checksum: 300090 21095a9477d8db8bdbca300235ddc296

http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch3_sparc.deb

Size/MD5 checksum: 210606 8bd074b427b5f732c5584ca265bb2c28

http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch3_sparc.deb

Size/MD5 checksum: 1121664 2750abf3a8e3ffa54d1b15f6a5b6738e

http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch3_sparc.deb

Size/MD5 checksum: 94822 4e2634cf2561a237174a6863377b24cd

http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch3_sparc.deb

Size/MD5 checksum: 175248 4231a2791083fc82977535613d38ef2a

http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch3_sparc.deb

Size/MD5 checksum: 184036 aea98952994fb97c74df02ae4ed2f28d

http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch3_sparc.deb

Size/MD5 checksum: 107574 b6a3a3204c134d54dce2d8d79f77f647

http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch3_sparc.deb

Size/MD5 checksum: 493628 b5c5a9638091fd0d6543a405bfdefd53

http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch3_sparc.deb

Size/MD5 checksum: 94828 4657a6a42f7f2fac5ef96d273e9de4df

http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch3_sparc.deb

Size/MD5 checksum: 114258 32f88744a6e6e648377dda42ff910cbb

http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch3_sparc.deb

Size/MD5 checksum: 111158 a59dbf1edb5518b09b2993049922c01a

补丁安装方法:

1. 手工安装补丁包:

首先,使用下面的命令来下载补丁软件:

# wget url (url是补丁下载链接地址)

然后,使用下面的命令来安装补丁:

# dpkg -i file.deb (file是相应的补丁名)

2. 使用apt-get自动安装补丁包:

首先,使用下面的命令更新内部数据库:

# apt-get update

然后,使用下面的命令安装更新软件包:

# apt-get upgrade

Microsoft

---------

Microsoft已经为此发布了一个安全公告(MS08-037)以及相应补丁:

MS08-037:Vulnerabilities in DNS Could Allow Spoofing (953230)

链接:http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx?pf=true

RedHat

------

RedHat已经为此发布了一个安全公告(RHSA-2008:0533-01)以及相应补丁:

RHSA-2008:0533-01:Important: bind security update

链接:https://www.redhat.com/support/errata/RHSA-2008-0533.html

Sun

---

Sun已经为此发布了一个安全公告(Sun-Alert-239392)以及相应补丁:

Sun-Alert-239392:Security Vulnerability in the DNS Protocol may lead to DNS Cache Poisoning

链接:http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-66-239392-1

    • 评论
    • 分享微博
    • 分享邮件
    邮件订阅

    如果您非常迫切的想了解IT领域最新产品与技术信息,那么订阅至顶网技术邮件将是您的最佳途径之一。

    重磅专题
    往期文章
    最新文章