Summary
The remote host is missing updates announced in
advisory SUSE-SA:2009:059.
Solution
Update your system with the packages as indicated in the referenced security advisory.
https://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:059
Insight
The bind DNS server was updated to close a possible cache poisoning vulnerability which allowed to bypass DNSSEC.
This problem can only happen after the other spoofing/poisoning mechanisms have been bypassed already (the port and transaction id randomization). Also this can only happen if the server is setup for DNSSEC. Due to this limitation we consider this a minor issue.
The DNSSEC implementation was redone in 2004 and implemented in bind 9.6.
Earlier bind version do not support the DNSSEC version and so are not affected.
This means that the Bind versions of SUSE Linux Enterprise Server 9 (bind 9.3.4) and SUSE Linux Enterprise Server 10 (bind 9.3.4) are not affected by this problem.
Severity
Classification
-
CVE CVE-2009-4022 -
CVSS Base Score: 2.6
AV:N/AC:H/Au:N/C:N/I:P/A:N
Related Vulnerabilities