你在这里

Infoblox NIOS Vulnerability Alert

今天 US-CERT 发布了弱点 VU#800113 (CVE-2008-1447),此弱点是属於 DNS Cache poisoning,多种域名服务器(包含Bind)均有可能被攻击。由於域名服务器协议的不完整及现行的 DNS 运行环境,使得 DNS Cache poisoning 攻击更加容易。 Infoblox 已经修补 NIOS 几个版本,下述版本已解决此问题,若你不是下述的版本请尽速更新:v4.2r5-1、v4.2r4-3、v4.2r3-6 注: 对于跑 3.x 软件的顾客,请与 Infoblox 技术支持联系,以取得更多相关信息。


Today US-CERT issued Vulnerability Note VU#800113 (CVE-2008-1447) related to cache poisoning exploits that could be launched against various name servers, including BIND. Deficiencies in the DNS protocol and common DNS implementations facilitate DNS cache poisoning attacks. Infoblox has already patched several versions of NIOS. These have been posted on the support site, including the following versions: - 4.2r4-3 - 4.2r3-6 Note: For customers running 3.x software revisions, please contact Infoblox Technical Support for more information.