ISC BIND 9 DNSSEC缓存"毒药"漏洞

漏洞起因
设计错误
 
影响系统
Sun Solaris 9_x86 Update 5
– Sun Solaris 7.0_x86
– Sun Solaris 7.0_x86
– Sun Solaris 7.0_x86
– Sun Solaris 7.0
– Sun Solaris 7.0
– Sun Solaris 7.0
Sun Solaris 9_x86 Update 2
Sun Solaris 9_x86
Sun Solaris 9_sparc
Sun Solaris 9 Update 5
Sun Solaris 9
Sun Solaris 10_x86
Sun Solaris 10_sparc
Sun Solaris 10.0_x86
Sun Solaris 10.0
Sun Solaris 10
Sun OpenSolaris svn_126
Sun OpenSolaris build snv_99
Sun OpenSolaris build snv_98
Sun OpenSolaris build snv_96
Sun OpenSolaris build snv_95
Sun OpenSolaris build snv_94
Sun OpenSolaris build snv_93
Sun OpenSolaris build snv_92
Sun OpenSolaris build snv_91
Sun OpenSolaris build snv_90
Sun OpenSolaris build snv_89
Sun OpenSolaris build snv_88
Sun OpenSolaris build snv_87
Sun OpenSolaris build snv_86
Sun OpenSolaris build snv_85
Sun OpenSolaris build snv_84
Sun OpenSolaris build snv_83
Sun OpenSolaris build snv_82
Sun OpenSolaris build snv_81
Sun OpenSolaris build snv_80
Sun OpenSolaris build snv_78
Sun OpenSolaris build snv_77
Sun OpenSolaris build snv_76
Sun OpenSolaris build snv_68
Sun OpenSolaris build snv_67
Sun OpenSolaris build snv_64
Sun OpenSolaris build snv_61
Sun OpenSolaris build snv_59
Sun OpenSolaris build snv_58
Sun OpenSolaris build snv_57
Sun OpenSolaris build snv_54
Sun OpenSolaris build snv_51
Sun OpenSolaris build snv_50
Sun OpenSolaris build snv_49
Sun OpenSolaris build snv_48
Sun OpenSolaris build snv_47
Sun OpenSolaris build snv_45
Sun OpenSolaris build snv_41
Sun OpenSolaris build snv_39
Sun OpenSolaris build snv_38
Sun OpenSolaris build snv_37
Sun OpenSolaris build snv_36
Sun OpenSolaris build snv_29
Sun OpenSolaris build snv_28
Sun OpenSolaris build snv_22
Sun OpenSolaris build snv_19
Sun OpenSolaris build snv_13
Sun OpenSolaris build snv_127
Sun OpenSolaris build snv_126
Sun OpenSolaris build snv_125
Sun OpenSolaris build snv_124
Sun OpenSolaris build snv_123
Sun OpenSolaris build snv_122
Sun OpenSolaris build snv_121
Sun OpenSolaris build snv_120
Sun OpenSolaris build snv_119
Sun OpenSolaris build snv_118
Sun OpenSolaris build snv_117
Sun OpenSolaris build snv_116
Sun OpenSolaris build snv_115
Sun OpenSolaris build snv_114
Sun OpenSolaris build snv_113
Sun OpenSolaris build snv_112
Sun OpenSolaris build snv_111a
Sun OpenSolaris build snv_111
Sun OpenSolaris build snv_110
Sun OpenSolaris build snv_109
Sun OpenSolaris build snv_108
Sun OpenSolaris build snv_107
Sun OpenSolaris build snv_106
Sun OpenSolaris build snv_105
Sun OpenSolaris build snv_104
Sun OpenSolaris build snv_104
Sun OpenSolaris build snv_103
Sun OpenSolaris build snv_102
Sun OpenSolaris build snv_101a
Sun OpenSolaris build snv_101
Sun OpenSolaris build snv_100
Sun OpenSolaris build snv_02
Sun OpenSolaris build snv_01
Sun OpenSolaris 2009.6
Sun OpenSolaris 0
ISC BIND 9.6 P1
ISC BIND 9.6
ISC BIND 9.5.1 P3
ISC BIND 9.5.1 P1
ISC BIND 9.5 P2-W2
ISC BIND 9.5 P2-W1
ISC BIND 9.5 P2
ISC BIND 9.5 a2
ISC BIND 9.5 a1
ISC BIND 9.4.3 P3
ISC BIND 9.4.3 P1
ISC BIND 9.4.3
ISC BIND 9.4.3
ISC BIND 9.4.2 P2-W2
ISC BIND 9.4.2 P2-W1
ISC BIND 9.4.2 P2
ISC BIND 9.4.1 -P1
ISC BIND 9.4.1
ISC BIND 9.4 rc2
ISC BIND 9.4 rc1
ISC BIND 9.4 b4
ISC BIND 9.4 b3
ISC BIND 9.4 b3
ISC BIND 9.4 b2
ISC BIND 9.4 b1
ISC BIND 9.4 a6
ISC BIND 9.4 a5
ISC BIND 9.4 a4
ISC BIND 9.4 a3
ISC BIND 9.4 a2
ISC BIND 9.4 a1
ISC BIND 9.4
ISC BIND 9.3.6 P1
ISC BIND 9.3.6
ISC BIND 9.3.5 P2-W2
ISC BIND 9.3.5 P2-W1
ISC BIND 9.3.5 P2
ISC BIND 9.3.5
ISC BIND 9.3.4
ISC BIND 9.3.3 rc3
ISC BIND 9.3.3 rc2
ISC BIND 9.3.3 rc1
ISC BIND 9.3.3 rc1
ISC BIND 9.3.3 b1
ISC BIND 9.3.3 b
ISC BIND 9.3.3
ISC BIND 9.3.2 -P2
ISC BIND 9.3.2 -P1
ISC BIND 9.3.2
ISC BIND 9.3.1
ISC BIND 9.3
ISC BIND 9.2.8
ISC BIND 9.2.7 rc3
ISC BIND 9.2.7 rc2
ISC BIND 9.2.7 rc1
ISC BIND 9.2.7 b1
ISC BIND 9.2.7
ISC BIND 9.2.6 -P2
ISC BIND 9.2.6 -P1
ISC BIND 9.2.6
ISC BIND 9.2.5
ISC BIND 9.2.4
ISC BIND 9.2.3
ISC BIND 9.2.2
ISC BIND 9.2.1
+ Caldera OpenUnix 8.0
+ MandrakeSoft Linux Mandrake 7.2
+ MandrakeSoft Single Network Firewall 7.2
+ SCO Unixware 7.1.3
ISC BIND 9.2
ISC BIND 9.1.3
ISC BIND 9.1.2
+ Conectiva Linux 7.0
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.2
ISC BIND 9.1.1
ISC BIND 9.1
+ Caldera OpenUnix 8.0
+ HP Secure OS software for Linux 1.0
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1
ISC BIND 9.0.1
ISC BIND 9.0
+ S.u.S.E. Linux 7.0 sparc
+ S.u.S.E. Linux 7.0 ppc
+ S.u.S.E. Linux 7.0 i386
+ S.u.S.E. Linux 7.0 alpha
+ S.u.S.E. Linux 7.0
ISC BIND 9.5.1b1
ISC BIND 9.5.0b2
ISC BIND 9.5.0b1
ISC BIND 9.5.0a7
ISC BIND 9.5.0a6
ISC BIND 9.5.0a5
ISC BIND 9.5.0a4
ISC BIND 9.5.0a3
ISC BIND 9.5.0a3
ISC BIND 9.4.3b2
 
不受影响系统
ISC BIND 9.6.1 P2
ISC BIND 9.5.2 P1
ISC BIND 9.4.3 P4
 
危害
远程攻击者可以利用漏洞进行中间人攻击,站点伪造或拒绝服务攻击。
 
攻击所需条件
攻击者必须访问ISC BIND服务程序。
 
漏洞信息
ISC BIND是一款DNS协议的实现。
当通过checking disabled (CD)解析递归客户端请求,但请求DNSSEC记录(DO)时,BIND会不进行正确的DNSSEC校验就重应答数据段(addtional section)中缓存记录。
攻击者利用此漏洞可以操作缓存数据,进行中间人攻击,站点伪造或拒绝服务攻击。
成功利用漏洞需要域名服务器开启递归查询并且域名服务器能针对客户端执行DNSSEC确认。权威域名服务器不受此漏洞影响。
 
测试方法
 
厂商解决方案
用户可联系供应商下载如下升级程序:
ISC BIND 9.5.1b1
ISC bind-9.5.2-P1.tar.gz
ftp://ftp.isc.org/isc/bind9/9.5.2-P1/bind-9.5.2-P1.tar.gz
ISC BIND 9.5.0a4
ISC bind-9.5.2-P1.tar.gz
ftp://ftp.isc.org/isc/bind9/9.5.2-P1/bind-9.5.2-P1.tar.gz
ISC BIND 9.5.0a7
ISC bind-9.5.2-P1.tar.gz
ftp://ftp.isc.org/isc/bind9/9.5.2-P1/bind-9.5.2-P1.tar.gz
ISC BIND 9.4 b4
ISC bind-9.4.3-P4.tar.gz
ftp://ftp.isc.org/isc/bind9/9.4.3-P4/bind-9.4.3-P4.tar.gz
ISC BIND 9.4 rc2
ISC bind-9.4.3-P4.tar.gz
ftp://ftp.isc.org/isc/bind9/9.4.3-P4/bind-9.4.3-P4.tar.gz
ISC BIND 9.4 a1
ISC bind-9.4.3-P4.tar.gz
ftp://ftp.isc.org/isc/bind9/9.4.3-P4/bind-9.4.3-P4.tar.gz
ISC BIND 9.4 a5
ISC bind-9.4.3-P4.tar.gz
ftp://ftp.isc.org/isc/bind9/9.4.3-P4/bind-9.4.3-P4.tar.gz
ISC BIND 9.4 b2
ISC bind-9.4.3-P4.tar.gz
ftp://ftp.isc.org/isc/bind9/9.4.3-P4/bind-9.4.3-P4.tar.gz
ISC BIND 9.4.1
ISC bind-9.4.3-P4.tar.gz
ftp://ftp.isc.org/isc/bind9/9.4.3-P4/bind-9.4.3-P4.tar.gz
ISC BIND 9.4.1 -P1
ISC bind-9.4.3-P4.tar.gz
ftp://ftp.isc.org/isc/bind9/9.4.3-P4/bind-9.4.3-P4.tar.gz
ISC BIND 9.4.2 P2
ISC bind-9.4.3-P4.tar.gz
ftp://ftp.isc.org/isc/bind9/9.4.3-P4/bind-9.4.3-P4.tar.gz
ISC BIND 9.4.2 P2-W2
ISC bind-9.4.3-P4.tar.gz
ftp://ftp.isc.org/isc/bind9/9.4.3-P4/bind-9.4.3-P4.tar.gz
ISC BIND 9.4.2 P2-W1
ISC bind-9.4.3-P4.tar.gz
ftp://ftp.isc.org/isc/bind9/9.4.3-P4/bind-9.4.3-P4.tar.gz
ISC BIND 9.4.3 P1
ISC bind-9.4.3-P4.tar.gz
ftp://ftp.isc.org/isc/bind9/9.4.3-P4/bind-9.4.3-P4.tar.gz
ISC BIND 9.4.3 P3
ISC bind-9.4.3-P4.tar.gz
ftp://ftp.isc.org/isc/bind9/9.4.3-P4/bind-9.4.3-P4.tar.gz
ISC BIND 9.5 a1
ISC bind-9.5.2-P1.tar.gz
ftp://ftp.isc.org/isc/bind9/9.5.2-P1/bind-9.5.2-P1.tar.gz
ISC BIND 9.5 P2-W2
ISC bind-9.5.2-P1.tar.gz
ftp://ftp.isc.org/isc/bind9/9.5.2-P1/bind-9.5.2-P1.tar.gz
ISC BIND 9.6 P1
ISC bind-9.6.1-P2.tar.gz
ftp://ftp.isc.org/isc/bind9/9.6.1-P2/bind-9.6.1-P2.tar.gz
 
漏洞提供者
Michael Sinatra, UC Berkeley

发表评论?

0 条评论。

发表评论