rPath Security Advisory: 2009-0009-1
rPath Linux 1
rPath Linux 2
Exposure Level Classification:
Indirect Deterministic Vulnerability
Updated Versions:
bind=conary.rpath.com@rpl:1/9.3.4_P1-0.7-1
bind=conary.rpath.com@rpl:2/9.4.2_P1-4.2-1
bind-utils=conary.rpath.com@rpl:1/9.3.4_P1-0.7-1
bind-utils=conary.rpath.com@rpl:2/9.4.2_P1-4.2-1
rPath Issue Tracking System:
Previous versions of BIND incorrectly interpret the return value of the OpenSSL DSA_do_verify function. On systems using DNSSEC, a malicious zone could present a malformed DSA certificate and bypass proper certificate validation, allowing spoofing attacks.
rPath Linux does not ship with DNSSEC enabled, and therefore is not, by default, vulnerable to this attack.
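The return-value mistake described above, as an added illustration that is not BIND's or rPath's code: OpenSSL's DSA_do_verify returns 1 for a valid signature, 0 for an invalid one and -1 on error, so a caller that treats only 0 as failure accepts the error case. The stub, the enum and the function names are constructed for this example, and the exact form of the flawed check is an assumption.

```c
#include <stdio.h>

/* Constructed stand-in for OpenSSL's DSA_do_verify(), which returns
 *   1  signature is valid
 *   0  signature is well-formed but does not verify
 *  -1  internal error, e.g. the signature could not be processed
 * The enum selects which outcome the stub reports. */
enum sig_kind { SIG_VALID, SIG_WRONG, SIG_MALFORMED };

static int stub_dsa_do_verify(enum sig_kind sig)
{
    switch (sig) {
    case SIG_VALID: return 1;
    case SIG_WRONG: return 0;
    default:        return -1;
    }
}

/* Flawed interpretation (assumed form): only 0 is treated as failure,
 * so the -1 error result falls through and is reported as accepted. */
int accept_flawed(enum sig_kind sig)
{
    int status = stub_dsa_do_verify(sig);
    if (status == 0)
        return 0;
    return 1;
}

/* Corrected interpretation: anything other than exactly 1 is rejected. */
int accept_strict(enum sig_kind sig)
{
    return stub_dsa_do_verify(sig) == 1;
}

int main(void)
{
    static const char *names[] = { "valid", "wrong", "malformed" };
    int k;

    for (k = SIG_VALID; k <= SIG_MALFORMED; k++)
        printf("%-9s flawed=%d strict=%d\n", names[k],
               accept_flawed((enum sig_kind)k),
               accept_strict((enum sig_kind)k));
    return 0;
}
```

When auditing other callers of tri-state verification functions, look for `!status` and `status == 0` failure tests; both let -1 through.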
Copyright 2009 rPath, Inc.
This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html