Fix for security vulnerability in NetWare DNS
This document (5032400) is provided subject to the disclaimer at the end of this document.
patches this patch supersedes
| File | Product | Status | Patch |
|---|---|---|---|
| named.nlm | NetWare 6.5 SP7 | Active | Fix for security vulnerability in NetWare DNS |
patches that supersede this patch
patch attributes
document
abstract
bind: spoofing made easier due to non-random UDP source port VU#800113 -- NetWare
details
Overview:
CVE-2008-1447
---------------------------
A number of DNS cache poisoning attacks due to DNS protocol
vulnerabilities have previously been described in public literature:
http://www.kb.cert.org/vuls/id/457875
and most recently with work by Amit Klein at Trusteer:
http://www.trusteer.com/docs/research.html
System Requirements:
nw65sp7
Installation:
Copy named.nlm to sys:\system
restart service by unloading named.nlm and load named.nlm
security fixes
CVE-2008-1447
file contents
Compressed File Name: named.zip.zip
| Files Included | Size | Date |
|---|---|---|
| named.zip/named.nlm | 1.7 MB (1851286) | 2008-08-08 06:53:51 |
| readme_5032400.html | N/A | 2008-08-08 06:56:59 |
| readme.html | N/A | 2008-08-08 06:56:59 |
disclaimer
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.
Novell is a registered trademark of Novell, Inc. in the United States and other countries. SUSE is a registered trademark of SUSE Linux AG, a Novell business. *All third-party trademarks are the property of their respective owners.
© 2007 Novell, Inc. All Rights Reserved.