Re: Another BIND vulnerability (cache poisoning)



Jeffrey H. Coffield wrote:
I contacted HP support for one of my customers and got the following response:

There are 2 parts to DNS.
1) Server
- The vulnerability only affects the servers and may render it "compromised", and there is a fix for this.

2) Resolver/client
- The vulnerability will not affect the clients directly and there is no fix for it.


I take it for granted that the above was regarding VMS, right?

And if so, it was more or less as I thought it was.

Fine then, nothing to care about for me, those managing
the DNS *servers* have to patch *their* systems...

Was that really what all the fuss was about?

Jan-Erik.


But if your client is pointing to a server that was compromised, the client may not get the proper answers from the affected server.

The only fix to this is to fix the affected server or point your client to another server that is not compromised.

Regards,

Jay So HP Services


Since these systems point to a corporate DNS server (at another location and the responsibility of another department) I am not asking for the patch but HP said they had one.

At other customers, the OpenVMS systems point to DNS servers provided by their ISPs and I am checking those to see if they are patched. I am using http://www.doxpara.com/ to do the test.

As I understand the problem, once the server your system points to is patched, there is nothing more you can do. If this is not correct, please let me know.

Jeffrey Coffield
www.digitalsynergyinc.com