|
|
Credit:
The original article can be found at: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01506861
|
|
Vulnerable Systems:
* HP-UX B.11.11 running BIND v9.3.2
* HP-UX B.11.23 running BIND v9.3.2
* HP-UX B.11.31 running BIND v9.3.2
* HP-UX B.11.11 running BIND v9.2.0
* HP-UX B.11.23 running BIND v9.2.0
* HP-UX B.11.31 running BIND v9.2.0
* HP-UX B.11.11 running BIND v8.1.2
The vulnerability could be exploited remotely to cause DNS cache poisoning.
Patch Availability:
Customers running BIND v8.1.2 on HP-UX B.11.11 should upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below.
HP has provided the following software updates / patch to resolve the vulnerabilities for BIND v9.2.0 and BIND v9.3.2:
A new BIND v9.2.0 depot is available to address an issue encountered on HP-UX B.11.11. The new depot is available by contacting HP Support.
The BIND v9.3.2 updates are available for download from:
http://software.hp.com
The patch PHNE_37865 is available from:
http://itrc.hp.com
CVE Information:
CVE-2008-1447
Disclosure Timeline:
Release Date 2008-07-16
Last Updated 2010-12-15
|
|