----- B a l a B i t S e c u r i t y A d v i s o r y ( B B S A ) ----- PACKAGE : bind9 AFFECTED VERSION : <= 1:9.2.4-1.zorpos6, 1:9.3.2-2ubuntu1.4.zorpos33.4 FIXED : 1:9.2.4-1.zorpos7, 1:9.3.2-2ubuntu1.4.zorpos33.5 SUMMARY : cache poisoning TYPE : remote AFFECTED : ZorpOS 3.1, ZorpOS 3.3 ZORP-OS SPECIFIC : NO BBSA-AUTHOR : Tamás Pál BBSA-ID : BBSA-2008-033 BBSA-ADDRESS : advisory@balabit.hu GNUPG FINGERPRINT : 933E 6763 D32D A01C 1A75 F228 9CB1 81C7 D91E 8915 CVE : CVE-2008-1447 DATE : Jul 10, 2008 ----------------------------------------------------------------------------- BACKGROUND: Dan Kaminsky discovered that properties inherent to the DNS protocol lead to practical DNS cache poisoning attacks. Among other things, successful attacks can lead to misdirected web traffic and email rerouting. For more information, please check the Debian Security Announcement 1603 in the REFERENCES section. SOLUTION: We recommend that you update the affected packages immediately. Upgrading using apt: ~~~~~~~~~~~~~~~~~~~~ Add the following line to /etc/apt/sources.list (if it doesn't contain this line already) ZorpOS version 3.1: deb https://USERNAME:PASSWORD@apt.balabit.hu/zorp-os \ zorp-os-3.1/3.1security zorp-os zorp-os-extra ZorpOS version 3.3: deb https://USERNAME:PASSWORD@apt.balabit.hu/zorp-os \ zorp-os-3.3/3.3security zorp-os zorp-os-extra then issue the following commands as root: apt-get update apt-get -u upgrade The latest upgrades will be downloaded and installed. REFERENCES: http://www.debian.org/security/2008/dsa-1603 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447