CVE-2008-1447

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

SecuriTeam™
Beyond Security®

SecuriTeam™ Home
Ask the Team
Mailing Lists
Advertising Info
Blogs

	SecuriTeam™ in Your Inbox

	E-mail this CVE-2008-1447 to a friend

New vulnerability?
New tool?
Tell us

Credit:
The original article can be found at: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01506861

Website Security Scan	Code Vulnerability Test	Network Assessment Tool
Detect hidden vulnerabilities	Exhaustive automated testing	Real-time, continuous security
Get guidance from professionals	of internal or 3rd party code.	scanning for your entire network

Check for CVE-2008-1447

Vulnerability Assessment and Management.
Automated Pen Testing for 50 to 50,000 nodes
beyondsecurity.com/vulnerability-scanner

Vulnerable Systems:
* HP-UX B.11.11 running BIND v9.3.2
* HP-UX B.11.23 running BIND v9.3.2
* HP-UX B.11.31 running BIND v9.3.2
* HP-UX B.11.11 running BIND v9.2.0
* HP-UX B.11.23 running BIND v9.2.0
* HP-UX B.11.31 running BIND v9.2.0
* HP-UX B.11.11 running BIND v8.1.2

The vulnerability could be exploited remotely to cause DNS cache poisoning.

Patch Availability:
Customers running BIND v8.1.2 on HP-UX B.11.11 should upgrade to BIND v9.2.0 or BIND v9.3.2 and apply the updates listed below.
HP has provided the following software updates / patch to resolve the vulnerabilities for BIND v9.2.0 and BIND v9.3.2:
A new BIND v9.2.0 depot is available to address an issue encountered on HP-UX B.11.11. The new depot is available by contacting HP Support.
The BIND v9.3.2 updates are available for download from:
http://software.hp.com
The patch PHNE_37865 is available from:
http://itrc.hp.com

CVE Information:
CVE-2008-1447

Disclosure Timeline:
Release Date 2008-07-16
Last Updated 2010-12-15

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus