/
Security Response/
Multiple Vendor DNS Protocol Insufficient Transaction ID Randomization DNS Spoofing Vulnerability

Multiple Vendor DNS Protocol Insufficient Transaction ID Randomization DNS Spoofing Vulnerability

Risk

High

Date Discovered

July 8, 2008

Description

Multiple vendors' implementations of the DNS protocol are prone to a DNS-spoofing vulnerability because the software fails to securely implement random values when performing DNS queries. Successfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to redirect network traffic and to launch man-in-the-middle attacks. This issue affects Microsoft Windows DNS Clients and Servers, ISC BIND 8 and 9, and multiple Cisco IOS releases; other DNS implementations may also be vulnerable.

Technologies Affected

Apple Mac OS X 10.4.0
Apple Mac OS X 10.4.1
Apple Mac OS X 10.4.10
Apple Mac OS X 10.4.11
Apple Mac OS X 10.4.2
Apple Mac OS X 10.4.3
Apple Mac OS X 10.4.4
Apple Mac OS X 10.4.5
Apple Mac OS X 10.4.6
Apple Mac OS X 10.4.7
Apple Mac OS X 10.4.8
Apple Mac OS X 10.4.9
Apple Mac OS X 10.5
Apple Mac OS X 10.5.1
Apple Mac OS X 10.5.2
Apple Mac OS X 10.5.3
Apple Mac OS X 10.5.4
Apple Mac OS X Server 10.4.0
Apple Mac OS X Server 10.4.1
Apple Mac OS X Server 10.4.10
Apple Mac OS X Server 10.4.11
Apple Mac OS X Server 10.4.2
Apple Mac OS X Server 10.4.3
Apple Mac OS X Server 10.4.4
Apple Mac OS X Server 10.4.5
Apple Mac OS X Server 10.4.6
Apple Mac OS X Server 10.4.7
Apple Mac OS X Server 10.4.8
Apple Mac OS X Server 10.4.9
Apple Mac OS X Server 10.5
Apple Mac OS X Server 10.5.1
Apple Mac OS X Server 10.5.2
Apple Mac OS X Server 10.5.3
Apple Mac OS X Server 10.5.4
Apple iPhone
Apple iPhone 1
Apple iPhone 1.0.1
Apple iPhone 1.0.2
Apple iPhone 1.1
Apple iPhone 1.1.1
Apple iPhone 1.1.2
Apple iPhone 1.1.3
Apple iPhone 1.1.4
Apple iPhone 2.0
Apple iPhone 2.0.1
Apple iPhone 2.0.2
Apple iPod Touch 1.1
Apple iPod Touch 1.1.1
Apple iPod Touch 1.1.2
Apple iPod Touch 1.1.3
Apple iPod Touch 1.1.4
Apple iPod Touch 2.0
Apple iPod Touch 2.0.1
Apple iPod Touch 2.0.2
Astaro Security Gateway 7
Avaya Messaging Application Server
Avaya Messaging Application Server MM 1.1
Avaya Messaging Application Server MM 2.0
Avaya Messaging Application Server MM 3.0
Avaya Messaging Application Server MM 3.1
Blue Coat Systems Director
Blue Coat Systems PacketShaper
Blue Coat Systems ProxyRA
Blue Coat Systems ProxySG
Blue Coat Systems iShaper
Bluecat Networks Adonis (Firmware) 4.1.0.43
Bluecat Networks Adonis (Firmware) 5.0
Bluecat Networks Adonis (Firmware) 5.0.2.8
Bluecat Networks Adonis (Firmware) 5.0.5
Bluecat Networks Adonis (Firmware) 5.1.0
Bluecat Networks Adonis (Firmware) 5.1.0.7
Bluecat Networks Adonis (Firmware) 5.1.0.8
Bluecat Networks Adonis (Firmware) 5.1.1
Cisco Application & Content Networking Software
Cisco Application & Content Networking Software (ACNS)
Cisco Application & Content Networking Software 4.0.3
Cisco Application & Content Networking Software 4.1.1
Cisco Application & Content Networking Software 4.1.3
Cisco Application & Content Networking Software 4.2.0
Cisco Application & Content Networking Software 4.2.11
Cisco Application & Content Networking Software 4.2.7
Cisco Application & Content Networking Software 4.2.9
Cisco Application & Content Networking Software 5.0.0
Cisco Application & Content Networking Software 5.0.1
Cisco Application & Content Networking Software 5.0.17 .6
Cisco Application & Content Networking Software 5.0.3
Cisco Application & Content Networking Software 5.0.5
Cisco Application & Content Networking Software 5.1.0
Cisco Application & Content Networking Software 5.1.11 .6
Cisco Application & Content Networking Software 5.1.13 .7
Cisco Application & Content Networking Software 5.1.15
Cisco Application & Content Networking Software 5.1.9
Cisco Application & Content Networking Software 5.2.0
Cisco Application & Content Networking Software 5.2.1 .7
Cisco Application & Content Networking Software 5.2.3 .9
Cisco Application & Content Networking Software 5.2.7
Cisco Application & Content Networking Software 5.3.3
Cisco Application & Content Networking Software 5.5.7
Cisco CNS Network Registrar 6.1.0
Cisco CNS Network Registrar 6.1.1
Cisco CNS Network Registrar 6.1.1 .1
Cisco CNS Network Registrar 6.1.1 .2
Cisco CNS Network Registrar 6.1.1 .3
Cisco CNS Network Registrar 6.1.1 .4
Cisco IOS 12.0DB
Cisco IOS 12.0DC
Cisco IOS 12.0T
Cisco IOS 12.0WC
Cisco IOS 12.0XE
Cisco IOS 12.0XK
Cisco IOS 12.0XR
Cisco IOS 12.1
Cisco IOS 12.1AY
Cisco IOS 12.1DB
Cisco IOS 12.1EA
Cisco IOS 12.1EX
Cisco IOS 12.1T
Cisco IOS 12.1XC
Cisco IOS 12.1YE
Cisco IOS 12.2
Cisco IOS 12.2B
Cisco IOS 12.2BW
Cisco IOS 12.2BY
Cisco IOS 12.2CZ
Cisco IOS 12.2T
Cisco IOS 12.2TPC
Cisco IOS 12.2XB
Cisco IOS 12.2XC
Cisco IOS 12.2XG
Cisco IOS 12.2XK
Cisco IOS 12.2XL
Cisco IOS 12.2XT
Cisco IOS 12.2XU
Cisco IOS 12.2YJ
Cisco IOS 12.2YL
Cisco IOS 12.2YM
Cisco IOS 12.2YN
Cisco IOS 12.2YO
Cisco IOS 12.2YT
Cisco IOS 12.2YU
Cisco IOS 12.2YV
Cisco IOS 12.2ZB
Cisco IOS 12.2ZD
Cisco IOS 12.2ZE
Cisco IOS 12.2ZF
Cisco IOS 12.2ZG
Cisco IOS 12.2ZH
Cisco IOS 12.2ZJ
Cisco IOS 12.2ZL
Cisco IOS 12.3
Cisco IOS 12.3B
Cisco IOS 12.3BW
Cisco IOS 12.3T
Cisco IOS 12.3TPC
Cisco IOS 12.3VA
Cisco IOS 12.3XA
Cisco IOS 12.3XB
Cisco IOS 12.3XC
Cisco IOS 12.3XD
Cisco IOS 12.3XE
Cisco IOS 12.3XF
Cisco IOS 12.3XG
Cisco IOS 12.3XH
Cisco IOS 12.3XI
Cisco IOS 12.3XJ
Cisco IOS 12.3XK
Cisco IOS 12.3XQ
Cisco IOS 12.3XR
Cisco IOS 12.3XS
Cisco IOS 12.3XW
Cisco IOS 12.3YA
Cisco IOS 12.3YD
Cisco IOS 12.3YF
Cisco IOS 12.3YG
Cisco IOS 12.3YH
Cisco IOS 12.3YI
Cisco IOS 12.3YK
Cisco IOS 12.3YM
Cisco IOS 12.3YS
Cisco IOS 12.3YT
Cisco IOS 12.3YU
Cisco IOS 12.3YX
Cisco IOS 12.3YZ
Cisco IOS 12.4
Cisco IOS 12.4MD
Cisco IOS 12.4MR
Cisco IOS 12.4SW
Cisco IOS 12.4T
Cisco IOS 12.4XA
Cisco IOS 12.4XB
Cisco IOS 12.4XC
Cisco IOS 12.4XD
Cisco IOS 12.4XE
Cisco IOS 12.4XJ
Cisco IOS 12.4XL
Cisco IOS 12.4XM
Cisco IOS 12.4XN
Cisco IOS 12.4XQ
Cisco IOS 12.4XT
Cisco IOS 12.4XV
Cisco IOS 12.4XW
Cisco IOS 12.4XY
Cisco IOS 12.4XZ
Cisco Network Registar
Cisco Network Registar 6.1
Cisco Network Registar 6.3
Cisco Network Registar 7.0
Citrix Access Gateway Advanced Edition 4.5
Citrix Access Gateway Standard Edition 4.5
Citrix Access Gateway Standard Edition 4.5.6
Citrix Access Gateway Standard Edition 4.5.7
Citrix Access Gateway Standard Edition 4.5.7 Rev A
Citrix NetScaler 8.0 Build 47.8
Citrix NetScaler 8.1 Build 57.3
Debian Linux 4.0
Debian Linux 4.0 Alpha
Debian Linux 4.0 Amd64
Debian Linux 4.0 Arm
Debian Linux 4.0 Hppa
Debian Linux 4.0 Ia-32
Debian Linux 4.0 Ia-64
Debian Linux 4.0 M68k
Debian Linux 4.0 Mips
Debian Linux 4.0 Mipsel
Debian Linux 4.0 Powerpc
Debian Linux 4.0 S/390
Debian Linux 4.0 Sparc
Dnsmasq Dnsmasq 2.35
Dnsmasq Dnsmasq 2.4.1
F5 3-DNS 4.5.0
F5 3-DNS 4.5.11
F5 3-DNS 4.5.12
F5 3-DNS 4.5.13
F5 3-DNS 4.5.14
F5 3-DNS 4.6.0
F5 3-DNS 4.6.1
F5 3-DNS 4.6.2
F5 3-DNS 4.6.3
F5 3-DNS 4.6.4
F5 BigIP 4.5.0
F5 BigIP 4.5.10
F5 BigIP 4.5.11
F5 BigIP 4.5.12
F5 BigIP 4.5.13
F5 BigIP 4.5.14
F5 BigIP 4.5.6
F5 BigIP 4.5.9
F5 BigIP 4.6.0
F5 BigIP 4.6.1
F5 BigIP 4.6.2
F5 BigIP 4.6.3
F5 BigIP 4.6.4
F5 BigIP 8.0
F5 BigIP 9.3
F5 BigIP 9.3.1
F5 BigIP 9.4
F5 BigIP 9.4.3
F5 BigIP 9.4.5
F5 BigIP 9.6
F5 BigIP 9.6.1
F5 Enterprise Manager 1.2
F5 Enterprise Manager 1.4.1
F5 Enterprise Manager 1.6
F5 FirePass 5.5
F5 FirePass 5.5.2
F5 FirePass 6.0
F5 FirePass 6.0.1
F5 FirePass 6.0.2
F5 WANJet 5.0
F5 WANJet 5.0.2
FreeBSD FreeBSD 6.3
FreeBSD FreeBSD 6.3 -RELENG
FreeBSD FreeBSD 7.0
FreeBSD FreeBSD 7.0 -RELENG
Gentoo Linux
Gentoo net-dns/dnsmasq 2.43
HP HP-UX B.11.11
HP HP-UX B.11.23
HP HP-UX B.11.31
HP MPE/iX 6.5.0
HP MPE/iX 7.0.0
HP MPE/iX 7.5.0
HP NonStop Server 6
HP Storage Management Appliance 2.1
HP TCP/IP Services for OpenVMS Alpha 5.4
HP TCP/IP Services for OpenVMS Alpha 5.5
HP TCP/IP Services for OpenVMS Alpha 5.6
HP TCP/IP Services for OpenVMS Integrity 5.5
HP TCP/IP Services for OpenVMS Integrity 5.6
HP Tru64 UNIX 5.1.0 B-3
HP Tru64 UNIX 5.1.0 B-4
IBM AIX 5.2
IBM AIX 5.3
IBM AIX 5.3.7
IBM AIX 5.3.8
IBM AIX 5.3.9
IBM AIX 6.1
IBM AIX 6.1.1
IBM AIX 6.1.2
IPCop IPCop 1.4.10
IPCop IPCop 1.4.11
IPCop IPCop 1.4.12
IPCop IPCop 1.4.13
IPCop IPCop 1.4.14
IPCop IPCop 1.4.15
IPCop IPCop 1.4.16
IPCop IPCop 1.4.17
IPCop IPCop 1.4.18
ISC BIND 8.1.0
ISC BIND 8.1.1
ISC BIND 8.1.2
ISC BIND 8.2.0
ISC BIND 8.2.1
ISC BIND 8.2.2
ISC BIND 8.2.2 P1
ISC BIND 8.2.2 P2
ISC BIND 8.2.2 P3
ISC BIND 8.2.2 P4
ISC BIND 8.2.2 P5
ISC BIND 8.2.2 P6
ISC BIND 8.2.2 P7
ISC BIND 8.2.3
ISC BIND 8.2.3 Beta
ISC BIND 8.2.4
ISC BIND 8.2.5
ISC BIND 8.2.6
ISC BIND 8.2.7
ISC BIND 8.3.0 .0
ISC BIND 8.3.1
ISC BIND 8.3.2
ISC BIND 8.3.3
ISC BIND 8.3.4
ISC BIND 8.3.5
ISC BIND 8.3.6
ISC BIND 8.3.7
ISC BIND 8.4.0
ISC BIND 8.4.1
ISC BIND 8.4.2
ISC BIND 8.4.3
ISC BIND 8.4.4
ISC BIND 8.4.5
ISC BIND 8.4.6
ISC BIND 8.4.7
ISC BIND 8.4.7-P1
ISC BIND 9.0.0
ISC BIND 9.0.1
ISC BIND 9.1.0
ISC BIND 9.1.1
ISC BIND 9.1.2
ISC BIND 9.1.3
ISC BIND 9.2.0
ISC BIND 9.2.1
ISC BIND 9.2.2
ISC BIND 9.2.3
ISC BIND 9.2.4
ISC BIND 9.2.5
ISC BIND 9.2.6
ISC BIND 9.2.6-P1
ISC BIND 9.2.6-P2
ISC BIND 9.2.7
ISC BIND 9.2.7B1
ISC BIND 9.2.7Rc1
ISC BIND 9.2.7Rc2
ISC BIND 9.2.7Rc3
ISC BIND 9.2.8
ISC BIND 9.3.0
ISC BIND 9.3.1
ISC BIND 9.3.2
ISC BIND 9.3.2-P1
ISC BIND 9.3.2-P2
ISC BIND 9.3.3
ISC BIND 9.3.3 B
ISC BIND 9.3.3 Rc1
ISC BIND 9.3.3B1
ISC BIND 9.3.3Rc2
ISC BIND 9.3.3Rc3
ISC BIND 9.3.4
ISC BIND 9.3.5
ISC BIND 9.4.0
ISC BIND 9.4.0 B3
ISC BIND 9.4.0A1
ISC BIND 9.4.0A2
ISC BIND 9.4.0A3
ISC BIND 9.4.0A4
ISC BIND 9.4.0A5
ISC BIND 9.4.0A6
ISC BIND 9.4.0B1
ISC BIND 9.4.0B2
ISC BIND 9.4.0B3
ISC BIND 9.4.0B4
ISC BIND 9.4.0Rc1
ISC BIND 9.4.0Rc2
ISC BIND 9.4.1
ISC BIND 9.4.1-P1
ISC BIND 9.4.3
ISC BIND 9.5.0A1
ISC BIND 9.5.0A2
ISC BIND 9.5.0A3
ISC BIND 9.5.0A4
ISC BIND 9.5.0A5
ISC BIND 9.5.0A6
ISC BIND 9.5.0A7
ISC BIND 9.5.0B1
ISC BIND 9.5.0B2
Infoblox DNS One Appliance 2
Infoblox NIOS 4
Ingate Firewall 4.6.0
Ingate Firewall 4.6.1
Ingate SIParator 4.6.0
Ingate SIParator 4.6.1
Juniper Networks JUNOS 5.0.0
Juniper Networks JUNOS 5.1.0
Juniper Networks JUNOS 5.2.0
Juniper Networks JUNOS 5.3.0
Juniper Networks JUNOS 5.4.0
Juniper Networks JUNOS 5.5.0
Juniper Networks JUNOS 5.6.0
Juniper Networks JUNOS 5.7.0
Juniper Networks JUNOS 6.1.0
Juniper Networks JUNOS 6.2.0
Juniper Networks JUNOS 6.3.0
Juniper Networks JUNOS 6.4.0
Juniper Networks JUNOS 7.3
Juniper Networks JUNOS 8.0.0
Juniper Networks JUNOS 8.4
Juniper Networks JUNOS 8.5.R1
Juniper Networks JUNOSe
Juniper Networks JUNOSe 5.3.5 P0-2
Juniper Networks JUNOSe 6.0.3 P0-6
Juniper Networks JUNOSe 6.0.4
Juniper Networks JUNOSe 6.1.3 P0-1
Juniper Networks JUNOSe 7.0.1 P0-7
Juniper Networks JUNOSe 7.0.2
Juniper Networks JUNOSe 7.1.0 P0-1
Juniper Networks JUNOSe 7.1.1
Juniper Networks ScreenOS 5.1.0
Juniper Networks ScreenOS 5.2.0
Lucent VitalQIP 5.2.0
Lucent VitalQIP 6.0.0
Lucent VitalQIP 6.1 Sp1
Lucent VitalQIP 6.1.0
Lucent VitalQIP 6.2.0
Lucent VitalQIP 7.X
Mandriva Corporate Server 3.0.0
Mandriva Corporate Server 3.0.0 X86 64
Mandriva Corporate Server 4.0
Mandriva Corporate Server 4.0.0 X86 64
Mandriva Linux Mandrake 2007.1
Mandriva Linux Mandrake 2007.1 X86 64
Mandriva Linux Mandrake 2008.0
Mandriva Linux Mandrake 2008.0 X86 64
Mandriva Linux Mandrake 2008.1
Mandriva Linux Mandrake 2008.1 X86 64
Mandriva Multi Network Firewall 2.0.0
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Advanced Server SP1
Microsoft Windows 2000 Advanced Server SP2
Microsoft Windows 2000 Advanced Server SP3
Microsoft Windows 2000 Advanced Server SP4
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Datacenter Server SP1
Microsoft Windows 2000 Datacenter Server SP2
Microsoft Windows 2000 Datacenter Server SP3
Microsoft Windows 2000 Datacenter Server SP4
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Professional SP1
Microsoft Windows 2000 Professional SP2
Microsoft Windows 2000 Professional SP3
Microsoft Windows 2000 Professional SP4
Microsoft Windows 2000 Server
Microsoft Windows 2000 Server SP1
Microsoft Windows 2000 Server SP2
Microsoft Windows 2000 Server SP3
Microsoft Windows 2000 Server SP4
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Datacenter Edition Itanium
Microsoft Windows Server 2003 Datacenter Edition Itanium SP1
Microsoft Windows Server 2003 Datacenter Edition SP1
Microsoft Windows Server 2003 Datacenter x64 Edition
Microsoft Windows Server 2003 Datacenter x64 Edition SP2
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Enterprise Edition Itanium
Microsoft Windows Server 2003 Enterprise Edition Itanium SP1
Microsoft Windows Server 2003 Enterprise Edition SP1
Microsoft Windows Server 2003 Enterprise x64 Edition
Microsoft Windows Server 2003 Enterprise x64 Edition SP2
Microsoft Windows Server 2003 Itanium
Microsoft Windows Server 2003 Itanium SP1
Microsoft Windows Server 2003 Itanium SP2
Microsoft Windows Server 2003 SP1
Microsoft Windows Server 2003 SP2
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Standard Edition SP1
Microsoft Windows Server 2003 Standard Edition SP2
Microsoft Windows Server 2003 Standard x64 Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2003 Web Edition SP1
Microsoft Windows Server 2003 Web Edition SP2
Microsoft Windows Server 2003 x64 SP1
Microsoft Windows Server 2003 x64 SP2
Microsoft Windows XP
Microsoft Windows XP Home
Microsoft Windows XP Home SP1
Microsoft Windows XP Home SP2
Microsoft Windows XP Home SP3
Microsoft Windows XP Media Center Edition
Microsoft Windows XP Media Center Edition SP1
Microsoft Windows XP Media Center Edition SP2
Microsoft Windows XP Media Center Edition SP3
Microsoft Windows XP Professional
Microsoft Windows XP Professional SP1
Microsoft Windows XP Professional SP2
Microsoft Windows XP Professional SP3
Microsoft Windows XP Professional x64 Edition
Microsoft Windows XP Professional x64 Edition SP2
Microsoft Windows XP Tablet PC Edition
Microsoft Windows XP Tablet PC Edition SP1
Microsoft Windows XP Tablet PC Edition SP2
Microsoft Windows XP Tablet PC Edition SP3
NetBSD NetBSD 3,1 RC1
NetBSD NetBSD 3.0.0
NetBSD NetBSD 3.0.1
NetBSD NetBSD 3.0.2
NetBSD NetBSD 3.1
NetBSD NetBSD 3.1 RC3
NetBSD NetBSD 4,0 Beta
NetBSD NetBSD 4.0
NetBSD NetBSD 4.0 BETA2
NetBSD NetBSD Current
Nixu Secure Name Server 1
Nominum Software Caching Name Server (CNS) 3
Nominum Software Vantio (CNS) 3
Nortel Networks BCM 200
Nortel Networks ENSM - Enterprise NMS 10.4
Nortel Networks ENSM - Enterprise NMS 10.5
Nortel Networks Multimedia Comm MCS5100
Nortel Networks NSNA Switch 4050
Nortel Networks NSNA Switch 4070
Nortel Networks Optical AMBB
Nortel Networks Optical Application Platform
Nortel Networks Optical FMBB
Nortel Networks Optical RMBB
Nortel Networks Optical Software Upgrade Manager
Nortel Networks Optical Trail Manager
Nortel Networks PMBB
Nortel Networks SRG 1.0.0
Nortel Networks Self Service VoiceXML
Nortel Networks Self-Service - CCSS7
Nortel Networks Self-Service - Web Centric CCXML
Nortel Networks Self-Service CCXML
Nortel Networks Self-Service MPS 100
Nortel Networks Self-Service MPS 1000
Nortel Networks Self-Service MPS 500
Nortel Networks Self-Service Peri Application
Nortel Networks Self-Service Peri Workstation
Nortel Networks Self-Service Speech Server
Nortel Networks Self-Service WVADS
Nortel Networks Trail Manager Route Advisor
Novell Netware 5.0.0
Novell Netware 5.0.0 SP5
Novell Netware 5.1.0
Novell Netware 5.1.0 SP5
Novell Netware 5.1.0 SP4
Novell Netware 5.1.0 SP6
Novell Netware 6.0.0
Novell Netware 6.0.0 SP1
Novell Netware 6.0.0 SP2
Novell Netware 6.0.0 SP3
Novell Netware 6.5.0
Novell Netware 6.5.0 SP1
Novell Netware 6.5.0 SP2
Novell Netware 6.5.0 SP3
Novell Netware 6.5.0 SP1.1(A)
Novell Netware 6.5.0 SP1.1(B)
Novell Netware 6.5.0 SP4
Novell Netware 6.5.0 SP5
Novell Netware 6.5.0 SP6
Novell Netware 6.5.0 SP7
Novell Open Enterprise Server (OES)
OpenBSD OpenBSD -Current
OpenBSD OpenBSD 4.2
OpenBSD OpenBSD 4.3
Openwall Openwall GNU/*/Linux 2.0-Current
Openwall Openwall GNU/*/Linux 2.0-Stable
Pardus Linux 2007
Pardus Linux 2008
Python DNS Library pydns 2.3.0
Red Hat Advanced Workstation for the Itanium Processor 2.1.0
Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
Red Hat Desktop 3.0.0
Red Hat Desktop 4.0.0
Red Hat Enterprise Linux 5 Server
Red Hat Enterprise Linux AS 2.1
Red Hat Enterprise Linux AS 2.1 IA64
Red Hat Enterprise Linux AS 3
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux Desktop 5 Client
Red Hat Enterprise Linux Desktop Workstation 5 Client
Red Hat Enterprise Linux ES 2.1
Red Hat Enterprise Linux ES 2.1 IA64
Red Hat Enterprise Linux ES 3
Red Hat Enterprise Linux ES 4
Red Hat Enterprise Linux WS 2.1
Red Hat Enterprise Linux WS 2.1 IA64
Red Hat Enterprise Linux WS 3
Red Hat Enterprise Linux WS 4
Red Hat Fedora 8
Red Hat Fedora 9
Secure Computing CyberGuard Classic
Secure Computing CyberGuard TSP
Secure Computing Sidewinder 5.0.0
Secure Computing Sidewinder 5.0.0 .0.01
Secure Computing Sidewinder 5.0.0 .0.02
Secure Computing Sidewinder 5.0.0 .0.03
Secure Computing Sidewinder 5.0.0 .0.04
Secure Computing Sidewinder 5.1.0
Secure Computing Sidewinder 5.1.0 .0.01
Secure Computing Sidewinder 5.1.0 .0.02
Secure Computing Sidewinder 5.1.0 .1
Secure Computing Sidewinder 5.1.0 .1.01
Secure Computing Sidewinder 5.2.0
Secure Computing Sidewinder 5.2.0 .0.01
Secure Computing Sidewinder 5.2.0 .0.02
Secure Computing Sidewinder 5.2.0 .0.03
Secure Computing Sidewinder 5.2.0 .0.04
Secure Computing Sidewinder 5.2.0 .1
Secure Computing Sidewinder 5.2.0 .1.02
Secure Computing Sidewinder 5.2.1 .10
Secure Computing Sidewinder G2 6.1.0 .0.01
Secure Computing Sidewinder G2 6.1.0 .0.02
Secure Computing Sidewinder Software 5.0.0
Secure Computing Sidewinder Software 5.0.0 .0.01
Secure Computing Sidewinder Software 5.0.0 .0.02
Secure Computing Sidewinder Software 5.0.0 .0.03
Secure Computing Sidewinder Software 5.0.0 .0.04
Secure Computing Sidewinder Software 5.1.0
Secure Computing Sidewinder Software 5.1.0 .0.01
Secure Computing Sidewinder Software 5.1.0 .0.02
Secure Computing Sidewinder Software 5.1.0 .1
Secure Computing Sidewinder Software 5.1.0 .1.01
Secure Computing Sidewinder Software 5.2.0
Secure Computing Sidewinder Software 5.2.0 .0.01
Secure Computing Sidewinder Software 5.2.0 .0.02
Secure Computing Sidewinder Software 5.2.0 .0.03
Secure Computing Sidewinder Software 5.2.0 .0.04
Secure Computing Sidewinder Software 5.2.0 .1
Secure Computing Sidewinder Software 5.2.0 .1.02
Slackware Linux -Current
Slackware Linux 10.0.0
Slackware Linux 10.1.0
Slackware Linux 10.2.0
Slackware Linux 11.0
Slackware Linux 12.0
Slackware Linux 12.1
Slackware Linux 8.1.0
Slackware Linux 9.0.0
Slackware Linux 9.1.0
SuSE Novell Linux Desktop 9.0.0
SuSE Novell Linux POS 9
SuSE Open-Enterprise-Server
SuSE SUSE Linux Enterprise Desktop 10 SP1
SuSE SUSE Linux Enterprise Desktop 10 SP2
SuSE SUSE Linux Enterprise SDK 10 SP2
SuSE SUSE Linux Enterprise SDK 10.SP1
SuSE SUSE Linux Enterprise Server 10 SP1
SuSE SUSE Linux Enterprise Server 10 SP2
SuSE SUSE Linux Enterprise Server 9
SuSE openSUSE 10.2
SuSE openSUSE 10.3
SuSE openSUSE 11.0
Sun OpenSolaris
Sun OpenSolaris Build Snv 01
Sun OpenSolaris Build Snv 02
Sun OpenSolaris Build Snv 13
Sun OpenSolaris Build Snv 19
Sun OpenSolaris Build Snv 22
Sun OpenSolaris Build Snv 64
Sun OpenSolaris Build Snv 88
Sun OpenSolaris Build Snv 89
Sun OpenSolaris Build Snv 91
Sun OpenSolaris Build Snv 92
Sun OpenSolaris Build Snv 95
Sun Solaris 10 Sparc
Sun Solaris 10 X86
Sun Solaris 8 Sparc
Sun Solaris 8 X86
Sun Solaris 9 Sparc
Sun Solaris 9 X86
Ubuntu Ubuntu Linux 6.06 LTS Amd64
Ubuntu Ubuntu Linux 6.06 LTS I386
Ubuntu Ubuntu Linux 6.06 LTS Powerpc
Ubuntu Ubuntu Linux 6.06 LTS Sparc
Ubuntu Ubuntu Linux 7.04 Amd64
Ubuntu Ubuntu Linux 7.04 I386
Ubuntu Ubuntu Linux 7.04 Powerpc
Ubuntu Ubuntu Linux 7.04 Sparc
Ubuntu Ubuntu Linux 7.10 Amd64
Ubuntu Ubuntu Linux 7.10 I386
Ubuntu Ubuntu Linux 7.10 Lpia
Ubuntu Ubuntu Linux 7.10 Powerpc
Ubuntu Ubuntu Linux 7.10 Sparc
Ubuntu Ubuntu Linux 8.04 LTS Amd64
Ubuntu Ubuntu Linux 8.04 LTS I386
Ubuntu Ubuntu Linux 8.04 LTS Lpia
Ubuntu Ubuntu Linux 8.04 LTS Powerpc
Ubuntu Ubuntu Linux 8.04 LTS Sparc
VMWare ESX Server 2.5.4
VMWare ESX Server 2.5.5
VMWare ESX Server 3.0.1
VMWare ESX Server 3.0.2
VMWare ESX Server 3.0.3
VMWare ESX Server 3.5
Wind River Systems Linux
Wind River Systems Linux 3.1
Yamaha RT100i
Yamaha RT102i
Yamaha RT103i
Yamaha RT105e
Yamaha RT105i
Yamaha RT105p
Yamaha RT107e
Yamaha RT140e
Yamaha RT140f
Yamaha RT140i
Yamaha RT140p
Yamaha RT200i
Yamaha RT300i
Yamaha RT56v
Yamaha RT57i
Yamaha RT58i
Yamaha RT60w
Yamaha RT80i
Yamaha RTA50i
Yamaha RTA52i
Yamaha RTA54i
Yamaha RTA55i
Yamaha RTV01
Yamaha RTV700
Yamaha RTW65b
Yamaha RTW65i
Yamaha RTX1000
Yamaha RTX1100
Yamaha RTX1500
Yamaha RTX2000
Yamaha RTX3000
Yamaha SRT100
Yukihiro Matsumoto Ruby 1.8.0
Yukihiro Matsumoto Ruby 1.8.1
Yukihiro Matsumoto Ruby 1.8.2
Yukihiro Matsumoto Ruby 1.8.2 Pre1
Yukihiro Matsumoto Ruby 1.8.2 Pre2
Yukihiro Matsumoto Ruby 1.8.2 Pre3
Yukihiro Matsumoto Ruby 1.8.2 Pre4
Yukihiro Matsumoto Ruby 1.8.3
Yukihiro Matsumoto Ruby 1.8.4
Yukihiro Matsumoto Ruby 1.8.5
Yukihiro Matsumoto Ruby 1.8.5-P115
Yukihiro Matsumoto Ruby 1.8.5-P2
Yukihiro Matsumoto Ruby 1.8.5-P230
Yukihiro Matsumoto Ruby 1.8.5-P231
Yukihiro Matsumoto Ruby 1.8.6
Yukihiro Matsumoto Ruby 1.8.6-P114
Yukihiro Matsumoto Ruby 1.8.6-P229
Yukihiro Matsumoto Ruby 1.8.6-P230
Yukihiro Matsumoto Ruby 1.8.6-P286
Yukihiro Matsumoto Ruby 1.8.7
Yukihiro Matsumoto Ruby 1.8.7-P21
Yukihiro Matsumoto Ruby 1.8.7-P22
Yukihiro Matsumoto Ruby 1.8.7-P71
Yukihiro Matsumoto Ruby 1.9.0
Yukihiro Matsumoto Ruby 1.9.0 -2
Yukihiro Matsumoto Ruby 1.9.0-1
pdnsd pdnsd 1.2-Par
pdnsd pdnsd 1.2.1 -Par
pdnsd pdnsd 1.2.2 -Par
pdnsd pdnsd 1.2.3 -Par
pdnsd pdnsd 1.2.4 -Par
pdnsd pdnsd 1.2.6-Par
rPath Appliance Platform Linux Service 1
rPath Appliance Platform Linux Service 2
rPath rPath Linux 1
rPath rPath Linux 2

Recommendations

Block external access at the network boundary, unless external parties require service.

Ensure that only trusted hosts and networks can send DNS responses to affected computers.

Deploy network intrusion detection systems to monitor network traffic for malicious activity.

Use NIDS to detect suspicious or anomalous network traffic. Monitor logs for signs of malicious activity.

The vendor has released an advisory along with fixes to address this issue. Please see the references for more information. NOTE: There are several reports that various firewall and security gateway applications are adversely affected by the changes associated with the fixes for this issue. Some vendors recommend removing the Microsoft patch associated with this issue. Users are advised to use extreme caution and to thoroughly evaluate the impact of removing the patch before doing so. UPDATE: Microsoft has released an updated advisory detailing known issues with their updates. UPDATE (August 1, 2008): Reports indicate that the Apple update for OS X 10.4.11 may not fully address this issue; Symantec has not confirmed this. Please see the references for more information.

References

Credits

Dan Kaminsky of IOActive

Copyright © Symantec Corporation.
Permission to redistribute this alert electronically is granted as long as it is not edited in any way unless authorized by Symantec Security Response. Reprinting the whole or part of this alert in any medium other than electronically requires permission from secure@symantec.com.

Disclaimer
The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.

Symantec, Symantec products, Symantec Security Response, and secure@symantec.com are registered trademarks of Symantec Corp. and/or affiliated companies in the United States and other countries. All other registered and unregistered trademarks represented in this document are the sole property of their respective companies/owners.

Threat Intelligence

threatintel: Why #Email is a Key to Your Castle http://t.co/fWhN07kH5M #2factor
20:30 PM May.21

threatintel: #Symantec protection and information on Operation Hangover http://t.co/Zo0J7PCDzF #Cyberespionage
13:50 PM May.20

threatintel: New Targeted Attack Uses Old Vulnerabilities #SafeNet http://t.co/SNtakL2Yqj #APT
11:50 AM May.17

Follow the Threat Intelligence Twitter feed

STAR Antimalware Protection Technologies

Internet Security Threat Report, Volume 17

Symantec [+]
Norton [+]
- AntiVirus|
- Norton Store|
- Internet Security|
- Mac AntiVirus|
- Mobile Security|
- Norton|
- Spyware|
- Virus Protection|
- Virus Removal|
- Virus Scan
Website Security Solutions [+]
PC Tools [+]

PRODUCTS & SERVICES

POPULAR PRODUCTS

SOLUTIONS

HOW TO BUY

RESOURCES

COMMUNITIES: SYMANTEC CONNECT

Trust the Leader

Symantec SSL Certificates

PRODUCT SUPPORT

PRODUCT SUPPORT FOR ACQUIRED COMPANIES

LICENSING & ACCOUNT MANAGEMENT ASSISTANCE

BUSINESS SUPPORT RESOURCES

COMMUNITIES: SYMANTEC CONNECT

NORTON COMMUNITY

SOCIAL MEDIA

Information Unleashed

The Official Voice of Symantec

STAY SECURE

Updates

Repair

BE INFORMED

24/7 Reporting

Security Technology and Response

PUBLICATIONS

CONTACT US ABOUT

2013 Internet Security Threat Report

Symantec data and analysis on the threat landscape.

TRIALWARE

All Business Trialware

BUY ONLINE

Website Security Solutions

Shop All Business

SHOP NORTON

Most Popular

New Products

My Norton Product

See all Norton offerings

Endpoint Protection Small Business Edition 2013

Buy 3 years and save up to 33% off MSRP.