var-200707-0675
Vulnerability from variot
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug.". Deficiencies in the DNS protocol and common DNS implementations facilitate DNS cache poisoning attacks. Various implementations of DNS services may allow multiple simultaneous queries for the same resource record, allowing an attacker to apply probabilistic techniques to improve their odds of successful DNS spoofing. In IP NAT filtering in Sun Solaris 10 and OpenSolaris series products, when a DNS server runs NAT, it incorrectly changes the original address of the data packet. And spoof the address returned by the DNS response. This could be used to misdirect users and services; i.e.
This update provides the latest stable BIND releases for all platforms except Corporate Server/Desktop 3.0 and MNF2, which have been patched to correct the issue.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
Updated Packages:
Mandriva Linux 2007.1: 73cc24fc9586b7ab290d755012c16a79 2007.1/i586/bind-9.4.2-0.1mdv2007.1.i586.rpm 70867c50cfd64b4406aa002d627d740b 2007.1/i586/bind-devel-9.4.2-0.1mdv2007.1.i586.rpm 3603e9d9115466753397a1f472011703 2007.1/i586/bind-utils-9.4.2-0.1mdv2007.1.i586.rpm cf5e4100ecb21a4eb603831e5a6ec23d 2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64: 4eb7ce0984d3ce3befff667392e3bf3e 2007.1/x86_64/bind-9.4.2-0.1mdv2007.1.x86_64.rpm d7b9a9e7d4c52a5b0c54f59ca20bf2d5 2007.1/x86_64/bind-devel-9.4.2-0.1mdv2007.1.x86_64.rpm c5c66c9609615029d2f07f7b09a63118 2007.1/x86_64/bind-utils-9.4.2-0.1mdv2007.1.x86_64.rpm cf5e4100ecb21a4eb603831e5a6ec23d 2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm
Mandriva Linux 2008.0: 52dfe3970fcd9495b2bb9379a9312b25 2008.0/i586/bind-9.4.2-1mdv2008.0.i586.rpm 97d20d35b6814aa2f9fab549ca6237c0 2008.0/i586/bind-devel-9.4.2-1mdv2008.0.i586.rpm 87a7bb3dd25abd8cd882a8f2fdc2398e 2008.0/i586/bind-utils-9.4.2-1mdv2008.0.i586.rpm da4444a8074e6ede39dfa557fb258db7 2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: b9d0337363bc1e2b14505f25d4ee5f99 2008.0/x86_64/bind-9.4.2-1mdv2008.0.x86_64.rpm 9b75e2a96784c00c2912bc3bf333d089 2008.0/x86_64/bind-devel-9.4.2-1mdv2008.0.x86_64.rpm 0a593b090d9e6bda3666e234056e19ba 2008.0/x86_64/bind-utils-9.4.2-1mdv2008.0.x86_64.rpm da4444a8074e6ede39dfa557fb258db7 2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm
Mandriva Linux 2008.1: 2534ef007262d4ea2d219bab0190466c 2008.1/i586/bind-9.5.0-3mdv2008.1.i586.rpm c3feee5d05aa3aee14cd70a2d295d0b1 2008.1/i586/bind-devel-9.5.0-3mdv2008.1.i586.rpm f306c06665b723a2530258e6d1dbdae2 2008.1/i586/bind-doc-9.5.0-3mdv2008.1.i586.rpm 967ef80628f92160930bc3a3827a216e 2008.1/i586/bind-utils-9.5.0-3mdv2008.1.i586.rpm 70fc7a7964944a2926979710c5148ed1 2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64: 3f4d96d7a7f913c141e1f63cdc7e7336 2008.1/x86_64/bind-9.5.0-3mdv2008.1.x86_64.rpm 420db658366763686198f41394aa72b3 2008.1/x86_64/bind-devel-9.5.0-3mdv2008.1.x86_64.rpm 6f3674f68311494c5a9ff0dbce831e82 2008.1/x86_64/bind-doc-9.5.0-3mdv2008.1.x86_64.rpm 4294b3a086b89bf53c5c967c17962447 2008.1/x86_64/bind-utils-9.5.0-3mdv2008.1.x86_64.rpm 70fc7a7964944a2926979710c5148ed1 2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm
Corporate 3.0: de2a4372d1c25d73f343c9fcb044c9dd corporate/3.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm 1f24f6dbdb6c02e21cbbef99555049cb corporate/3.0/i586/bind-devel-9.2.3-6.5.C30mdk.i586.rpm 00405b98290d5a41f226081baa57e18d corporate/3.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm 6a237dc290f4f7c463b1996e6a4a4515 corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm
Corporate 3.0/X86_64: 628162f3d6a414828d2231fefc46842b corporate/3.0/x86_64/bind-9.2.3-6.5.C30mdk.x86_64.rpm dd29ff31a9cffcc1b20fd045869d7013 corporate/3.0/x86_64/bind-devel-9.2.3-6.5.C30mdk.x86_64.rpm c475c1a4d048e04da1fc27dcbb17c3f3 corporate/3.0/x86_64/bind-utils-9.2.3-6.5.C30mdk.x86_64.rpm 6a237dc290f4f7c463b1996e6a4a4515 corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm
Corporate 4.0: 271ead204904be302d197cd542f5ae23 corporate/4.0/i586/bind-9.3.5-0.4.20060mlcs4.i586.rpm 42413dcc1cf053e735216f767eff4e5d corporate/4.0/i586/bind-devel-9.3.5-0.4.20060mlcs4.i586.rpm 0201afe493a41e1deedc9bf7e9725f4a corporate/4.0/i586/bind-utils-9.3.5-0.4.20060mlcs4.i586.rpm 86bc0cdc9ed1b959b6f56e0660268f2e corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm
Corporate 4.0/X86_64: b1a18a7d0578dab7bd825eda6c682b3d corporate/4.0/x86_64/bind-9.3.5-0.4.20060mlcs4.x86_64.rpm 6a2ebd550feb9147058de05b1a1ef04d corporate/4.0/x86_64/bind-devel-9.3.5-0.4.20060mlcs4.x86_64.rpm 670a1b934ce4974b8505018ab69ade0b corporate/4.0/x86_64/bind-utils-9.3.5-0.4.20060mlcs4.x86_64.rpm 86bc0cdc9ed1b959b6f56e0660268f2e corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm
Multi Network Firewall 2.0: 5b694c24cc2092e38f531dbfdd5c9d41 mnf/2.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm c08bc805027059c47bed32215f17eacb mnf/2.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm 39225289516498e1b071c5059306f2b9 mnf/2.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
iD8DBQFIdPwTmqjQ0CJFipgRAm9AAJ9/UOAuOWDL1KgnMNGM/224QGUNQgCfW+G9 J7qxrU208lhOcIjhtq8FWX8= =91dV -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200812-17
http://security.gentoo.org/
Severity: Normal Title: Ruby: Multiple vulnerabilities Date: December 16, 2008 Bugs: #225465, #236060 ID: 200812-17
Synopsis
Multiple vulnerabilities have been discovered in Ruby that allow for attacks including arbitrary code execution and Denial of Service.
Background
Ruby is an interpreted object-oriented programming language. The elaborate standard library includes an HTTP server ("WEBRick") and a class for XML parsing ("REXML").
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 dev-lang/ruby < 1.8.6_p287-r1 >= 1.8.6_p287-r1
Description
Multiple vulnerabilities have been discovered in the Ruby interpreter and its standard libraries. Drew Yao of Apple Product Security discovered the following flaws:
-
Arbitrary code execution or Denial of Service (memory corruption) in the rb_str_buf_append() function (CVE-2008-2662).
-
Arbitrary code execution or Denial of Service (memory corruption) in the rb_ary_stor() function (CVE-2008-2663).
-
Memory corruption via alloca in the rb_str_format() function (CVE-2008-2664).
-
Memory corruption ("REALLOC_N") in the rb_ary_splice() and rb_ary_replace() functions (CVE-2008-2725).
-
Memory corruption ("beg + rlen") in the rb_ary_splice() and rb_ary_replace() functions (CVE-2008-2726).
Furthermore, several other vulnerabilities have been reported:
-
Tanaka Akira reported an issue with resolv.rb that enables attackers to spoof DNS responses (CVE-2008-1447).
-
Akira Tagoh of RedHat discovered a Denial of Service (crash) issue in the rb_ary_fill() function in array.c (CVE-2008-2376).
-
Several safe level bypass vulnerabilities were discovered and reported by Keita Yamaguchi (CVE-2008-3655).
-
Christian Neukirchen is credited for discovering a Denial of Service (CPU consumption) attack in the WEBRick HTTP server (CVE-2008-3656).
-
A fault in the dl module allowed the circumvention of taintness checks which could possibly lead to insecure code execution was reported by "sheepman" (CVE-2008-3657).
-
Tanaka Akira again found a DNS spoofing vulnerability caused by the resolv.rb implementation using poor randomness (CVE-2008-3905).
-
Luka Treiber and Mitja Kolsek (ACROS Security) disclosed a Denial of Service (CPU consumption) vulnerability in the REXML module when dealing with recursive entity expansion (CVE-2008-3790).
Impact
These vulnerabilities allow remote attackers to execute arbitrary code, spoof DNS responses, bypass Ruby's built-in security and taintness checks, and cause a Denial of Service via crash or CPU exhaustion.
Workaround
There is no known workaround at this time.
Resolution
All Ruby users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/ruby-1.8.6_p287-r1"
References
[ 1 ] CVE-2008-1447 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 [ 2 ] CVE-2008-2376 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2376 [ 3 ] CVE-2008-2662 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2662 [ 4 ] CVE-2008-2663 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2663 [ 5 ] CVE-2008-2664 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2664 [ 6 ] CVE-2008-2725 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2725 [ 7 ] CVE-2008-2726 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2726 [ 8 ] CVE-2008-3655 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3655 [ 9 ] CVE-2008-3656 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3656 [ 10 ] CVE-2008-3657 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3657 [ 11 ] CVE-2008-3790 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3790 [ 12 ] CVE-2008-3905 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3905
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200812-17.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
. The vulnerability could be exploited to poison the DNS cache leading to remote unauthorized access or Denial of Service (DoS). HP-UX B.11.00.
BACKGROUND For a PGP signed version of this security bulletin please write to: security-alert@hp.com
CERT VU#457875 ( http://www.kb.cert.org/vuls/id/457875) reports a potential security vulnerability in the BINDv4 Domain Name Server (DNS).
HP-UX B.11.00 may be affected by this vulnerability if the BINDv4 Domain Name Server (DNS) is configured to do both of the following:
- support recursive requests and cache the results
- respond to DNS requests made by untrusted systems
To determine if an HP-UX system has an affected version, search the output of "swlist -a revision -l fileset" for one of the filesets listed below.
AFFECTED VERSIONS
HP-UX B.11.00
InternetSrvcs.INETSVCS-RUN action: add "options no-recursion" to /etc/named.boot
END AFFECTED VERSIONS
RESOLUTION The potential vulnerability may be avoided by blocking access to the system from untrusted systems or by disabling DNS recursion.
To disable DNS recursion, add the following to /etc/named.boot:
options no-recursion
The option will take effect when named is restarted.
Note: This issue has been previously reported in HPSBGN01156 SSRT2400 rev.0 (7 August 2003). HPSBGN01156 did not have the Affected Versions for the HP-UX Security Patch Check.
MANUAL ACTIONS: Yes - NonUpdate add "options no-recursion" to /etc/named.boot
PRODUCT SPECIFIC INFORMATION HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system.
Background
Dnsmasq is a lightweight and easily-configurable DNS forwarder and DHCP server.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-dns/dnsmasq < 2.45 >= 2.45
Description
-
Dan Kaminsky of IOActive reported that dnsmasq does not randomize UDP source ports when forwarding DNS queries to a recursing DNS server (CVE-2008-1447).
-
Carlos Carvalho reported that dnsmasq in the 2.43 version does not properly handle clients sending inform or renewal queries for unknown DHCP leases, leading to a crash (CVE-2008-3350).
Impact
A remote attacker could send spoofed DNS response traffic to dnsmasq, possibly involving generating queries via multiple vectors, and spoof DNS replies, which could e.g. Furthermore, an attacker could generate invalid DHCP traffic and cause a Denial of Service. =========================================================== Ubuntu Security Notice USN-622-1 July 08, 2008 bind9 vulnerability CVE-2008-1447 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 LTS
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: libdns21 1:9.3.2-2ubuntu1.5
Ubuntu 7.04: libdns22 1:9.3.4-2ubuntu2.3
Ubuntu 7.10: libdns32 1:9.4.1-P1-3ubuntu2
Ubuntu 8.04 LTS: libdns35 1:9.4.2-10ubuntu0.1
In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Dan Kaminsky discovered weaknesses in the DNS protocol as implemented by Bind.
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5.diff.gz
Size/MD5: 104296 a0aed8a7f9c1a914d9047876547c67d4
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5.dsc
Size/MD5: 803 795915bcbaf3e0c97f5ca1b541fecbe1
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2.orig.tar.gz
Size/MD5: 5302112 55e709501a7780233c36e25ccd15ece2
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.3.2-2ubuntu1.5_all.deb
Size/MD5: 180736 0ca869db29381743a0aa2acd480c0d36
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_amd64.deb
Size/MD5: 112040 52e0eb5609ddf50411d43f388a04f917
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_amd64.deb
Size/MD5: 311534 80e47bf514a33cad401524d7f43e044b
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_amd64.deb
Size/MD5: 184862 d09db412eb19271ecb2cf742a1816b05
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_amd64.deb
Size/MD5: 1130056 50d2a84568a66d6ddf47e95b411fad29
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_amd64.deb
Size/MD5: 92116 c71b74708301acf6a6ecbf608fab5d56
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_amd64.deb
Size/MD5: 557278 63dc3e1e6488e6cff0059d1f3e490682
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_amd64.deb
Size/MD5: 190576 c611f958e1393704d0ba84ed707839b1
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_amd64.deb
Size/MD5: 93250 f2005aeb8667d262326bf59d82c69ba1
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_amd64.deb
Size/MD5: 109046 4ecb1dbb245b01bddac47ea50e84acfd
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_amd64.deb
Size/MD5: 111524 a75c2314434af46dd79be91ba0dba036
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_amd64.deb
Size/MD5: 219944 74b47bf188a3e82200ae564162d61a73
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_i386.deb
Size/MD5: 108882 b5967775be7b3115c62a4d7f9508b525
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_i386.deb
Size/MD5: 289854 1873ac12a760a4e14e5b88399658f905
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_i386.deb
Size/MD5: 175542 ea79ad2e1f210a7e107c90f5770bc806
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_i386.deb
Size/MD5: 997094 bb0cb2822c28a8e455bf1a928c6d0ef7
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_i386.deb
Size/MD5: 91336 7bd20507d22e86691fb648d12795fc95
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_i386.deb
Size/MD5: 482908 d20a97bb56024597c1d158ec69b41c14
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_i386.deb
Size/MD5: 172564 108d61d18f73a8c51913fb1c84260af9
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_i386.deb
Size/MD5: 90784 3850d2c7f69c31c2d1d013fb862b587d
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_i386.deb
Size/MD5: 102422 6951c7cdfd7a801b249e33648213d6a4
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_i386.deb
Size/MD5: 107234 3d8606e265875294b7e150884be8cee7
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_i386.deb
Size/MD5: 203328 eb566ef1e4b485523f33271a001b56f9
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_powerpc.deb
Size/MD5: 110524 1efa8d84b535e465623561c1f678a89c
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_powerpc.deb
Size/MD5: 303594 9066c6e199c0598b7acd70b561506148
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_powerpc.deb
Size/MD5: 181654 c4b4fd9157adf5e449d5df01aef1e7d0
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_powerpc.deb
Size/MD5: 1204474 5d029c34854c4fca6b704fce98a74851
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_powerpc.deb
Size/MD5: 93418 bb908cbdb8c8028ad2af232f354a0008
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_powerpc.deb
Size/MD5: 516882 f8437dfca292d7d1d8b93c6aba2ae73a
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_powerpc.deb
Size/MD5: 182374 368127ca61e8e8e5bceb49870cd2bd70
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_powerpc.deb
Size/MD5: 93604 4e42b14ee385a7c44ee8c1f728cabff7
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_powerpc.deb
Size/MD5: 106410 f2db82079a9d85e5acb19e39eb2ced31
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_powerpc.deb
Size/MD5: 111058 06126f085691f8a2c8358e47f0a2d8d7
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_powerpc.deb
Size/MD5: 207816 45a904a0518de2feccc9678f83e4d5ec
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_sparc.deb
Size/MD5: 110620 d5fdd4a4e6e4ea89c4e518f66acecbd1
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_sparc.deb
Size/MD5: 301372 e67bc7a6970f534ee5faac384801c895
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_sparc.deb
Size/MD5: 180950 61dfdf0427c07fe2ab35901a64508b5a
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_sparc.deb
Size/MD5: 1116008 8be769301060285de28ad3e568dfd647
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_sparc.deb
Size/MD5: 91674 629c0a0296adcdd7f52547eace987c39
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_sparc.deb
Size/MD5: 511130 8c5a1778a9efd974dded9ca0f8225bdd
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_sparc.deb
Size/MD5: 181286 40c07c235b00a44aac6bbc28795c2c07
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_sparc.deb
Size/MD5: 91184 8a2e4f0670f934d831c8cd1b40a3fa7a
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_sparc.deb
Size/MD5: 103900 80107ec78e4a006784b3a117c05ee1e6
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_sparc.deb
Size/MD5: 106762 8951b01a7b2f97aad4a93210d50850da
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_sparc.deb
Size/MD5: 211124 2978354d73f6a9bf7dcd3c96b919eec0
Updated packages for Ubuntu 7.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3.diff.gz
Size/MD5: 285716 085d15195d25e9ad690d374e9adaecb0
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3.dsc
Size/MD5: 888 9bde4140f2f312c3b4071990f21f5075
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4.orig.tar.gz
Size/MD5: 4043577 198181d47c58a0a9c0265862cd5557b0
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.3.4-2ubuntu2.3_all.deb
Size/MD5: 187788 25ad7fff219ac84a553e40a6c7af840c
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_amd64.deb
Size/MD5: 118810 baf5548fa89037279840b4158cf9c4eb
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_amd64.deb
Size/MD5: 322984 08a1b75f9a77c618f2e36b0534e1a7be
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_amd64.deb
Size/MD5: 194018 bf92cede850d5f189c8895fdce8141f8
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_amd64.deb
Size/MD5: 1123068 35f889b48402c1bb56c58d2b0f61dbbf
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_amd64.deb
Size/MD5: 96684 98747d65d02a685db5256e417a54870b
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_amd64.deb
Size/MD5: 568742 d25c28c00bfc48ec52c18a3f5df8339a
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_amd64.deb
Size/MD5: 191858 067227f2f582db56911dbf3236e4aea2
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_amd64.deb
Size/MD5: 97646 ef6f169da9562b22237e6c7a3edbafda
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_amd64.deb
Size/MD5: 112594 cf9a0a5c4a940b4ba2d169c9c081dd9f
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_amd64.deb
Size/MD5: 116228 98dd0e9dcf07d0e49f0c4341e775bcf4
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_amd64.deb
Size/MD5: 228496 31efc89af88b933b901d67c61b194ba6
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_i386.deb
Size/MD5: 115168 6797a4d80f8a4196c8a948ad33bc39fe
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_i386.deb
Size/MD5: 303544 26dd7cd0aaf4712609a619846302ba21
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_i386.deb
Size/MD5: 184442 7cb775d8fe3051b3ccda2327d1c3083b
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_i386.deb
Size/MD5: 1018542 c0fdcbb4acc613859ce6ab4781762ff7
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_i386.deb
Size/MD5: 95774 5ddb6803f82c9117056a0a5de59aa5d6
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_i386.deb
Size/MD5: 497640 5d71a76c2185fb7631c07ea415037302
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_i386.deb
Size/MD5: 175420 a07afa38758a587ed0998b5f78629b3b
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_i386.deb
Size/MD5: 96014 bc47e546be9c1fd6a19e9d8d8366ed3d
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_i386.deb
Size/MD5: 108214 686dd4ad9fb4413b7778786d667428e2
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_i386.deb
Size/MD5: 112700 86c736ba2fae3f194498d5f3f6de7306
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_i386.deb
Size/MD5: 213620 00fa556825d7defaa4fc45cad2138b02
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_powerpc.deb
Size/MD5: 118214 4081aec0d3d622fbc05dc097cf102e4f
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_powerpc.deb
Size/MD5: 324724 09c0e4862ed9691c2527f755683a8b8c
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_powerpc.deb
Size/MD5: 194978 b5f813766584254fd824e72baeffc96b
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_powerpc.deb
Size/MD5: 1169812 34192103d6041b6f50e7dd6551a6dbf1
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_powerpc.deb
Size/MD5: 98074 06572e8c43b6eeeeba3352ba3b94ce65
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_powerpc.deb
Size/MD5: 511582 21cc7a4347b3bb863a7151ad5cf73bd1
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_powerpc.deb
Size/MD5: 183468 5844029a87c42bc54a547acaff985442
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_powerpc.deb
Size/MD5: 98738 2eed8603e4ba78e0b07e4e21df59e93d
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_powerpc.deb
Size/MD5: 112116 a8f232fa8d8ab6429c57827ca1af13bc
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_powerpc.deb
Size/MD5: 115894 193a734032dcdbb289fbddb68cb350b5
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_powerpc.deb
Size/MD5: 218796 cdc6ccf2614a684ecff0f63f9f96dfe1
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_sparc.deb
Size/MD5: 117664 48cc134e0194e3d732e79ca699f8406b
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_sparc.deb
Size/MD5: 315270 7bc67be9266eaddfc64138c6c01483bc
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_sparc.deb
Size/MD5: 191400 bc4b1922d10028421b14b69bf9d76bb7
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_sparc.deb
Size/MD5: 1141834 af414f9bcf9c42d1e52fe8b2069fc83d
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_sparc.deb
Size/MD5: 96070 43a9988edc73a9b4fd2ad6e98338a8fc
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_sparc.deb
Size/MD5: 513792 55b3d92618f678690e91956b131fa330
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_sparc.deb
Size/MD5: 180638 b24a1a0d2d50b9d2fcba45971d23a7a4
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_sparc.deb
Size/MD5: 96248 425e3657f29e865c91be421484089106
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_sparc.deb
Size/MD5: 109716 cddb416bc557fb9cdebc6372312c4350
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_sparc.deb
Size/MD5: 113516 a102110917b6ec739fa2035e1f65e4a6
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_sparc.deb
Size/MD5: 220226 b855b98a0ebde055930e560feec2a3c0
Updated packages for Ubuntu 7.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-P1-3ubuntu2.diff.gz
Size/MD5: 300771 40cda1f019e548208ef85f9dad5dfeec
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-P1-3ubuntu2.dsc
Size/MD5: 1001 e1318d3386a5d798b700b6d8ed108146
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-P1.orig.tar.gz
Size/MD5: 4987098 683293e3acc85e30f5ca4bba8a096303
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.4.1-P1-3ubuntu2_all.deb
Size/MD5: 233584 955901705316670276f41c633020a274
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-P1-3ubuntu2_amd64.deb
Size/MD5: 46106 8d04ee50411a1d62391209b8ccab5dfd
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-P1-3ubuntu2_amd64.deb
Size/MD5: 278364 1f2de92494c8a7b5e93a53c75cffbb44
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-P1-3ubuntu2_amd64.deb
Size/MD5: 117148 927ff60a9de441ef3b1a86337c8756a1
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-P1-3ubuntu2_amd64.deb
Size/MD5: 1162042 2d7d3e28b6e8422abc7cdfc41f046c73
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-P1-3ubuntu2_amd64.deb
Size/MD5: 26006 be5c5f455a5507b9e14b8678dac0f6bb
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-P1-3ubuntu2_amd64.deb
Size/MD5: 552146 97272ff611d594b7346086268e4765ae
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-P1-3ubuntu2_amd64.deb
Size/MD5: 130934 4135eb09ffb1df2611dc809a682c74df
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-P1-3ubuntu2_amd64.deb
Size/MD5: 23180 a6afe8f12bf054deca547c2f72d55a66
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-P1-3ubuntu2_amd64.deb
Size/MD5: 42424 96a32f1fa3f81841fe7085bb01247f6d
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-P1-3ubuntu2_amd64.deb
Size/MD5: 41990 c90cb0cac5341fb94c7c959983350dd9
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-P1-3ubuntu2_amd64.deb
Size/MD5: 167296 61645dfcde5c7543d150d829ed113b0d
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-P1-3ubuntu2_i386.deb
Size/MD5: 42116 2701dd72510ac551881624a6931069ec
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-P1-3ubuntu2_i386.deb
Size/MD5: 254750 1300e37afb8268b112ab1718e998d443
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-P1-3ubuntu2_i386.deb
Size/MD5: 106990 717db0ad88486bd34c79120f00e02551
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-P1-3ubuntu2_i386.deb
Size/MD5: 1040234 db9099b5ac165aaaf6220317d054df8c
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-P1-3ubuntu2_i386.deb
Size/MD5: 24768 7b5c03984b957dafa6b4bcd981c5af9f
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-P1-3ubuntu2_i386.deb
Size/MD5: 470404 6a7d265fd0aba23035df443e8b78269b
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-P1-3ubuntu2_i386.deb
Size/MD5: 113492 685a3b04a9581c29466b67fef742674d
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-P1-3ubuntu2_i386.deb
Size/MD5: 21570 23a9a67e65a5e2f8dfb836aba5b0ece5
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-P1-3ubuntu2_i386.deb
Size/MD5: 36630 cbfc768cbeceb42d104f41307f720688
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-P1-3ubuntu2_i386.deb
Size/MD5: 38268 8d71f0b2df12a449fa7c3fd7613ff682
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-P1-3ubuntu2_i386.deb
Size/MD5: 150304 f9c7b0ee3d4891b06ef4271c62c292d4
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.1-P1-3ubuntu2_lpia.deb
Size/MD5: 41828 101a835923e507c0eea60ff08663b1a9
http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.1-P1-3ubuntu2_lpia.deb
Size/MD5: 250104 87f9678cd733aacc482b1cd7705a820d
http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.1-P1-3ubuntu2_lpia.deb
Size/MD5: 105740 c5035426f0bf196ad4f34d320e9126a5
http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.1-P1-3ubuntu2_lpia.deb
Size/MD5: 1025798 47551ddfeb321fd6ff69805bd3c72cf7
http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.1-P1-3ubuntu2_lpia.deb
Size/MD5: 24354 9c8a3f39052994adeb0e1277eb9c96d6
http://ports.ubuntu.com/pool/main/b/bind9/libdns32_9.4.1-P1-3ubuntu2_lpia.deb
Size/MD5: 449848 d70baaa8ab74b607cc20ac8befd935b3
http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.1-P1-3ubuntu2_lpia.deb
Size/MD5: 108538 e64e03f6db0678366f5ed7931bbb7bd8
http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.1-P1-3ubuntu2_lpia.deb
Size/MD5: 20936 c735ba0c832279b708b38dd995f90eea
http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.1-P1-3ubuntu2_lpia.deb
Size/MD5: 35840 6e09afe7daabc2722145eae0ccf64ebb
http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.1-P1-3ubuntu2_lpia.deb
Size/MD5: 36964 7cf9822533618d4eeaaaaca191081a10
http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.1-P1-3ubuntu2_lpia.deb
Size/MD5: 146046 3e90eb9276c3c9cd29722b58b44825d6
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-P1-3ubuntu2_powerpc.deb
Size/MD5: 45228 6f58fdfb1a9464505b63d6ee10bfb499
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-P1-3ubuntu2_powerpc.deb
Size/MD5: 279194 7fb180ca0c0fb2197b6cabcb9e5b87c1
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-P1-3ubuntu2_powerpc.deb
Size/MD5: 117336 4a6d45d30c6dfd9b7525e9efeb7cc390
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-P1-3ubuntu2_powerpc.deb
Size/MD5: 1209208 c23a85c019b655f9044207a98c9eb472
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-P1-3ubuntu2_powerpc.deb
Size/MD5: 27166 92bd4c64f9914f63fc59973bc0e73d6d
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-P1-3ubuntu2_powerpc.deb
Size/MD5: 485638 3c3bff7bcd7df84170d9f45855785f46
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-P1-3ubuntu2_powerpc.deb
Size/MD5: 121410 6eb18c5fee8ef25bfaab05b53a6776d1
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-P1-3ubuntu2_powerpc.deb
Size/MD5: 24308 94df6003c7e061d9a1e1cbcc1ed1133d
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-P1-3ubuntu2_powerpc.deb
Size/MD5: 41128 a78b1e2958a2cda0347824e2d9eb7815
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-P1-3ubuntu2_powerpc.deb
Size/MD5: 41354 d826c2e80c70c92c54c407fa6458a2d0
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-P1-3ubuntu2_powerpc.deb
Size/MD5: 156660 24840c4483eb81fccfd483843c03fc21
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-P1-3ubuntu2_sparc.deb
Size/MD5: 44760 ff76458f2f3bc437f975710f0f44350f
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-P1-3ubuntu2_sparc.deb
Size/MD5: 267886 15ae5b64e2d7f0a84610dca3265f36fe
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-P1-3ubuntu2_sparc.deb
Size/MD5: 114014 18755ede3d638c17c7292bbc0d0b331c
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-P1-3ubuntu2_sparc.deb
Size/MD5: 1180276 a906d2e8f9b40766735895725112fe04
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-P1-3ubuntu2_sparc.deb
Size/MD5: 25350 e9e7f9b9c5fc4b6bcaad7e36b7a12c21
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-P1-3ubuntu2_sparc.deb
Size/MD5: 492286 e367b633343c1841f48eeec01f08e494
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-P1-3ubuntu2_sparc.deb
Size/MD5: 117916 bee4cf76d903bf902a025ea2362cf5ec
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-P1-3ubuntu2_sparc.deb
Size/MD5: 21900 0807caba04fee218b416288eae034b93
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-P1-3ubuntu2_sparc.deb
Size/MD5: 38438 e11c657acb477041666dd3cccd8bfebc
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-P1-3ubuntu2_sparc.deb
Size/MD5: 39244 da7d911f9a2f97fd6e895736489c22ac
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-P1-3ubuntu2_sparc.deb
Size/MD5: 156818 cada78841afbf1e0caf13f75eadaba51
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1.diff.gz
Size/MD5: 243611 da5389b9c001fc8105edd135c086b13d
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1.dsc
Size/MD5: 998 2588a42ba49dd2702130d159c1f68d6d
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2.orig.tar.gz
Size/MD5: 5021880 0aa73c66c206de3da10029bf5f195347
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.4.2-10ubuntu0.1_all.deb
Size/MD5: 239534 7469deb007e19439a8f5df6a53ecd485
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_amd64.deb
Size/MD5: 47052 24ce8ff319d3a45dc8c572df3bc47ef6
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_amd64.deb
Size/MD5: 282744 5d77a9de6d4267405c6c969792a42243
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_amd64.deb
Size/MD5: 116814 2adb81fed8e7d93cfde2ab01f1050d2e
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_amd64.deb
Size/MD5: 1188376 36c0b944f5e23f76ba587e756e7c4bdb
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_amd64.deb
Size/MD5: 27208 be7b3257b0eb9014f033b4ead73bb7a7
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_amd64.deb
Size/MD5: 550042 268c59c90f72e47690a2f64fccc296c6
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_amd64.deb
Size/MD5: 138186 5f08619b4b4198fb6176f4d914e74b54
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_amd64.deb
Size/MD5: 24666 f584f72af33412695ab6cfb81c891ee4
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_amd64.deb
Size/MD5: 44570 f63b6e57da24654d0ffc243936a5a153
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_amd64.deb
Size/MD5: 42802 4542b6bea7110e1cbf557346fc5536ad
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_amd64.deb
Size/MD5: 171006 c96cfef97c3950ab59b80a7b1d3aa868
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_i386.deb
Size/MD5: 44692 62a8e406937a5be466977c5b47f9a659
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_i386.deb
Size/MD5: 267508 da18e50b8467dbd7730640a09c52d188
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_i386.deb
Size/MD5: 110460 480313c340c47e5d6f5167c11161daa7
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_i386.deb
Size/MD5: 1065190 6fe78d85bdae7a9970c769dd2d1ebdcf
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_i386.deb
Size/MD5: 27254 2ba88324a0225ccab2b826dcc2f0f202
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_i386.deb
Size/MD5: 493370 5916fe8f22b1a19d0dde5f9e9596353f
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_i386.deb
Size/MD5: 125982 26501d011be6c34b7874b19ceabd0148
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_i386.deb
Size/MD5: 22852 13693beb84952c55cf78f4275c39aba7
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_i386.deb
Size/MD5: 38258 34107c4916cb13ac651d16706e9d9b9a
http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_i386.deb
Size/MD5: 40058 443bc171d30e2f262bb8ce2e3bfe885e
http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_i386.deb
Size/MD5: 159118 b31758442a36011d79dde9c485fca1da
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_lpia.deb
Size/MD5: 45254 659ea8656a46bc1265f0bf3049ffc511
http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_lpia.deb
Size/MD5: 267536 13c20e925a9a9ae1353b63fde5ce8555
http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_lpia.deb
Size/MD5: 111858 ce4c215e0dfc3a4c1e53b431264becf7
http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_lpia.deb
Size/MD5: 1068570 9680708be2a7840be99f2894234757bf
http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_lpia.deb
Size/MD5: 27248 f0a51f7ebaeb86afa2f466c1e4b1b4c0
http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_lpia.deb
Size/MD5: 488706 325b144544a6dfd1917210c9a02ec423
http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_lpia.deb
Size/MD5: 122606 316c7a93002a350fa04f7956483c6efe
http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_lpia.deb
Size/MD5: 22522 66d3aaa993507238b341578bb534a0aa
http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_lpia.deb
Size/MD5: 37670 b58cc5a2d27f02cac5b954cf4cb1cec5
http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_lpia.deb
Size/MD5: 39810 6a5c7b4e2a52a61258d86618f3a27106
http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_lpia.deb
Size/MD5: 158506 b2064557c74e536b96d77a707068c933
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_powerpc.deb
Size/MD5: 49064 77fb0a3b0c381e9f4cf561240f801e99
http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_powerpc.deb
Size/MD5: 297108 927db70c3f13cb7642f8e9dfe9d2e378
http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_powerpc.deb
Size/MD5: 124214 fb0b53b2b7f5fd750c3ee3785038efea
http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_powerpc.deb
Size/MD5: 1271364 32f252c1f510f5d0f5f2860a75fccf8b
http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_powerpc.deb
Size/MD5: 29764 2111df6f219f9e4a421329209eee6489
http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_powerpc.deb
Size/MD5: 529240 e66e625de5160092f4ac4b9b505bd3ae
http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_powerpc.deb
Size/MD5: 137960 e581851a0e71ada301415c006e5697d9
http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_powerpc.deb
Size/MD5: 26412 12e5213a39740e05cdf4ed87dbfd055e
http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_powerpc.deb
Size/MD5: 43508 b8aab766d691b13f0df8796252bfe7a5
http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_powerpc.deb
Size/MD5: 44292 78170e54852c2e28718dd26c72148165
http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_powerpc.deb
Size/MD5: 171502 0c747e830656e34d4cd5b84f8ee38551
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_sparc.deb
Size/MD5: 46786 2f07cd43ef71146ec839172a9318eb22
http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_sparc.deb
Size/MD5: 281936 b97f8461fb12702ffde3b1536e11531c
http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_sparc.deb
Size/MD5: 116124 cf6ec9328492c928d5d8064f09d5bcda
http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_sparc.deb
Size/MD5: 1178958 f21fed7bb01a12a74061b3cf03000b54
http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_sparc.deb
Size/MD5: 26652 b650866c75829e84f35592fff5d6c950
http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_sparc.deb
Size/MD5: 500058 d99f74a53d5b2b6167eae4bd9f56d3ed
http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_sparc.deb
Size/MD5: 127824 c93136898c8ce5f8ac90ba46daacc015
http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_sparc.deb
Size/MD5: 22688 e69b52b3505b614f95836502f06bd1ac
http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_sparc.deb
Size/MD5: 38792 3167cb62f05d65b3971cc90f1093cd6a
http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_sparc.deb
Size/MD5: 38984 92a1a25f10ed41b0bd3a25699e5d76ff
http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_sparc.deb
Size/MD5: 169952 3656ebd36bb152e7e18c984f0d8a31fe
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA-1604-1 security@debian.org http://www.debian.org/security/ Florian Weimer July 08, 2008 http://www.debian.org/security/faq
Package : bind Vulnerability : DNS cache poisoning Problem type : remote Debian-specific: no CVE Id(s) : CVE-2008-1447 CERT advisory : VU#800113
Dan Kaminsky discovered that properties inherent to the DNS protocol lead to practical DNS cache poisoning attacks. Among other things, successful attacks can lead to misdirected web traffic and email rerouting.
The BIND 8 legacy code base could not be updated to include the recommended countermeasure (source port randomization, see DSA-1603-1 for details). There are two ways to deal with this situation:
- Upgrade to BIND 9 (or another implementation with source port randomization). The documentation included with BIND 9 contains a migration guide. Configure the BIND 8 resolver to forward queries to a BIND 9 resolver. Provided that the network between both resolvers is trusted, this protects the BIND 8 resolver from cache poisoning attacks (to the same degree that the BIND 9 resolver is protected).
This problem does not apply to BIND 8 when used exclusively as an authoritative DNS server. It is theoretically possible to safely use BIND 8 in this way, but updating to BIND 9 is strongly recommended. BIND 8 (that is, the bind package) will be removed from the etch distribution in a future point release. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01503743 Version: 1
HPSBST02350 SSRT080102 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-037 to MS08-040
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-07-14 Last Updated: 2008-07-14
Potential Security Impact: Please check the table below
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.
References: MS08-037 (CVE-2008-1447, CVE-2008-1454), MS08-038 (CVE-2008-1435), MS08-039 (CVE-2008-2247, CVE-2008-2248), MS08-040 (CVE-2008-0085, CVE-2008-0086, CVE-2008-0106, CVE-2008-0107).
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. Storage Management Appliance v2.1 Software running on:
Storage Management Appliance I Storage Management Appliance II Storage Management Appliance III
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score -- Not Applicable -- =============================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
Patches released by Microsoft after MS06-051 are covered by monthly Security Bulletins.
For the full archived list of Microsoft security updates applicable for Storage Management Appliance software v2.1, please refer to the following Security Bulletins available on the IT Resource Center (ITRC) Web site: http://www.itrc.hp.com/service/cki/secBullArchive.do
For patches released by Microsoft in 2003, MS03-001 to MS03-051 refer to Security Bulletin HPSBST02146 For patches released by Microsoft in 2004, MS04-001 to MS04-045 refer to Security Bulletin HPSBST02147 For patches released by Microsoft in 2005, MS05-001 to MS05-055 refer to Security Bulletin HPSBST02148 For patches released by Microsoft in 2006, MS06-001 to MS06-051 refer to Security Bulletin HPSBST02140
The Microsoft patch index archive and further details about all Microsoft patches can be found on the following Web site: http://www.microsoft.com/technet/security/bulletin/summary.mspx
NOTE: The SMA must have all pertinent SMA Service Packs applied
Windows 2000 Update Rollup 1
Customers are advised to download and install the Windows 2000 Update Rollup 1 for Service Pack 4 on SMA v2.1. For more information please refer to the Windows 2000 Update Rollup 1 for Service Pack 4 and Storage Management Appliance v2.1 advisory at the following website: http://h20000.www2.hp.com/bizsupport/TechSupport/DocumentIndex.jsp?contentType=SupportManual&lang=en&cc=us&docIndexId=179111&taskId=101&prodTypeId=12169&prodSeriesId=315667
Windows 2000 Update Rollup 1 for SP4 does not include security updates released after April 30, 2005 starting from MS05-026. It also does not include patches MS04-003 and MS04-028. Please install these patches in addition to Windows 2000 Update Rollup 1 for SP4, if they have not been installed already
RESOLUTION HP strongly recommends the immediate installation of all security patches that apply to third party software which is integrated with SMA software products supplied by HP, and that patches are applied in accordance with an appropriate patch management policy.
NOTE: Patch installation instructions are shown at the end of this table.
MS Patch - MS08-037 Vulnerabilities in DNS Could Allow Spoofing (953230) Analysis - Patch will run successfully. Action - For SMA v2.1, customers should download patch from Microsoft and install.
MS Patch - MS08-038 Vulnerability in Windows Explorer Could Allow Remote Code Execution (950582) Analysis - SMA does not have this component. Action - Patch will not run successfully. Customers should not be concerned with this issue
MS Patch - MS08-039 Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747) Analysis - SMA does not have this component. Action - Patch will not run successfully. Customers should not be concerned with this issue
MS Patch - MS08-040 Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203) Analysis - SMA does not have this component. Action - Patch will not run successfully. Customers should not be concerned with this issue
Installation Instructions: (if applicable)
Download patches to a system other than the SMA Copy the patch to a floppy diskette or to a CD Execute the patch by using Terminal Services to the SMA or by attaching a keyboard, monitor and mouse to the SMA.
Note: The Microsoft Windows Installer 3.1 is supported on SMA v2.1. For more information please refer at the following website: http://www.microsoft.com/downloads/details.aspx?FamilyID=889482fc-5f56-4a38-b838-de776fd4138c&hash=SYSSXDF&displaylang=en
PRODUCT SPECIFIC INFORMATION None
HISTORY Version:1 (rev.1) - 14 July 2008 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
\xa9Copyright 2008 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQA/AwUBSHuXnuAfOvwtKn1ZEQK1JwCg3stqwQ8mf3LcD2QuflMjMZtKvnYAnjnf TEtj6VDp/qFsIXFzdB/JYKQT =eGwf -----END PGP SIGNATURE----- .
Background
VMware Player, Server, and Workstation allow emulation of a complete PC on a PC without the usual performance overhead of most emulators. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. Please review the CVE identifiers referenced below for details.
Impact
Local users may be able to gain escalated privileges, cause a Denial of Service, or gain sensitive information. Remote attackers also may be able to spoof DNS traffic, read arbitrary files, or inject arbitrary web script to the VMware Server Console.
Resolution
Gentoo discontinued support for VMware Player. We recommend that users unmerge VMware Player:
# emerge --unmerge "app-emulation/vmware-player"
NOTE: Users could upgrade to ">=app-emulation/vmware-player-3.1.5", however these packages are not currently stable.
Gentoo discontinued support for VMware Workstation. We recommend that users unmerge VMware Workstation:
# emerge --unmerge "app-emulation/vmware-workstation"
NOTE: Users could upgrade to ">=app-emulation/vmware-workstation-7.1.5", however these packages are not currently stable.
Gentoo discontinued support for VMware Server. Security Advisory (08-AUG-2008) (CVE-2008-3280)
Ben Laurie of Google's Applied Security team, while working with an external researcher, Dr. Richard Clayton of the Computer Laboratory, Cambridge University, found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys, as a result of the Debian Predictable Random Number Generator (CVE-2008-0166).
In combination with the DNS Cache Poisoning issue (CVE-2008-1447) and the fact that almost all SSL/TLS implementations do not consult CRLs (currently an untracked issue), this means that it is impossible to rely on these OPs.
Attack Description
In order to mount an attack against a vulnerable OP, the attacker first finds the private key corresponding to the weak TLS certificate. He then sets up a website masquerading as the original OP, both for the OpenID protocol and also for HTTP/HTTPS.
Then he poisons the DNS cache of the victim to make it appear that his server is the true OpenID Provider.
There are two cases, one is where the victim is a user trying to identify themselves, in which case, even if they use HTTPS to "ensure" that the site they are visiting is indeed their provider, they will be unable to detect the substitution and will give their login credentials to the attacker.
The second case is where the victim is the Relying Party (RP). In this case, even if the RP uses TLS to connect to the OP, as is recommended for higher assurance, he will not be defended, as the vast majority of OpenID implementations do not check CRLs, and will, therefore, accept the malicious site as the true OP.
Mitigation
Mitigation is surprisingly hard. In theory the vulnerable site should revoke their weak certificate and issue a new one.
However, since the CRLs will almost certainly not be checked, this means the site will still be vulnerable to attack for the lifetime of the certificate (and perhaps beyond, depending on user behaviour). Note that shutting down the site DOES NOT prevent the attack.
Therefore mitigation falls to other parties.
-
Browsers must check CRLs by default.
-
OpenID libraries must check CRLs.
-
Until either 1 and 2 or 3 have been done, OpenID cannot be trusted for any OP that cannot demonstrate it has never had a weak certificate.
Discussion
Normally, when security problems are encountered with a single piece of software, the responsible thing to do is to is to wait until fixes are available before making any announcement. However, as a number of examples in the past have demonstrated, this approach does not work particularly well when many different pieces of software are involved because it is necessary to coordinate a simultaneous release of the fixes, whilst hoping that the very large number of people involved will cooperate in keeping the vulnerability secret.
In the present situation, the fixes will involve considerable development work in adding CRL handling to a great many pieces of openID code. This is a far from trivial amount of work.
The fixes will also involve changes to browser preferences to ensure that CRLs are checked by default -- which many vendors have resisted for years. We are extremely pessimistic that a security vulnerability in OpenID will be seen as sufficiently important to change the browser vendors minds.
Hence, we see no value in delaying this announcement; and by making the details public as soon as possible, we believe that individuals who rely on OpenID will be better able to take their own individual steps to avoid relying upon the flawed certificates we have identified.
OpenID is at heart quite a weak protocol, when used in its most general form[1], and consequently there is very limited reliance upon its security. This means that the consequences of the combination of attacks that are now possible is nothing like as serious as might otherwise have been the case.
However, it does give an insight into the type of security disaster that may occur in the future if we do not start to take CRLs seriously, but merely stick them onto "to-do" lists or disable them in the name of tiny performance improvements.
Affected Sites
There is no central registry of OpenID systems, and so we cannot be sure that we have identified all of the weak certificates that are currently being served. The list of those we have found so far is:
openid.sun.com www.xopenid.net openid.net.nz
Notes
[1] There are ways of using OpenID that are significantly more secure than the commonly deployed scheme, I shall describe those in a separate article.
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200707-0675",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "fujitsu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "infoblox",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.2.9"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "8"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "4"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "alcatel lucent",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "avaya",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bluecat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "force10",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "funkwerk",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "internet consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandriva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nixu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nominum",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "novell",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "qnx",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "secure computing network security division",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wind river",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "yamaha",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "dnsmasq",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "isc",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "metasolv",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "CERT/CC",
"id": "VU#457875"
},
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gentoo",
"sources": [
{
"db": "PACKETSTORM",
"id": "73060"
},
{
"db": "PACKETSTORM",
"id": "69643"
},
{
"db": "PACKETSTORM",
"id": "117012"
}
],
"trust": 0.3
},
"cve": "CVE-2008-1447",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2008-1447",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-31572",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.2,
"id": "CVE-2008-1447",
"impactScore": 4.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2008-1447",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#800113",
"trust": 0.8,
"value": "27.54"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#457875",
"trust": 0.8,
"value": "40.50"
},
{
"author": "VULHUB",
"id": "VHN-31572",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "CERT/CC",
"id": "VU#457875"
},
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka \"DNS Insufficient Socket Entropy Vulnerability\" or \"the Kaminsky bug.\". Deficiencies in the DNS protocol and common DNS implementations facilitate DNS cache poisoning attacks. Various implementations of DNS services may allow multiple simultaneous queries for the same resource record, allowing an attacker to apply probabilistic techniques to improve their odds of successful DNS spoofing. In IP NAT filtering in Sun Solaris 10 and OpenSolaris series products, when a DNS server runs NAT, it incorrectly changes the original address of the data packet. And spoof the address returned by the DNS response. This could be used to misdirect users and services;\n i.e. \n \n This update provides the latest stable BIND releases for all platforms\n except Corporate Server/Desktop 3.0 and MNF2, which have been patched\n to correct the issue. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 2007.1:\n 73cc24fc9586b7ab290d755012c16a79 2007.1/i586/bind-9.4.2-0.1mdv2007.1.i586.rpm\n 70867c50cfd64b4406aa002d627d740b 2007.1/i586/bind-devel-9.4.2-0.1mdv2007.1.i586.rpm\n 3603e9d9115466753397a1f472011703 2007.1/i586/bind-utils-9.4.2-0.1mdv2007.1.i586.rpm \n cf5e4100ecb21a4eb603831e5a6ec23d 2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm\n\n Mandriva Linux 2007.1/X86_64:\n 4eb7ce0984d3ce3befff667392e3bf3e 2007.1/x86_64/bind-9.4.2-0.1mdv2007.1.x86_64.rpm\n d7b9a9e7d4c52a5b0c54f59ca20bf2d5 2007.1/x86_64/bind-devel-9.4.2-0.1mdv2007.1.x86_64.rpm\n c5c66c9609615029d2f07f7b09a63118 2007.1/x86_64/bind-utils-9.4.2-0.1mdv2007.1.x86_64.rpm \n cf5e4100ecb21a4eb603831e5a6ec23d 2007.1/SRPMS/bind-9.4.2-0.1mdv2007.1.src.rpm\n\n Mandriva Linux 2008.0:\n 52dfe3970fcd9495b2bb9379a9312b25 2008.0/i586/bind-9.4.2-1mdv2008.0.i586.rpm\n 97d20d35b6814aa2f9fab549ca6237c0 2008.0/i586/bind-devel-9.4.2-1mdv2008.0.i586.rpm\n 87a7bb3dd25abd8cd882a8f2fdc2398e 2008.0/i586/bind-utils-9.4.2-1mdv2008.0.i586.rpm \n da4444a8074e6ede39dfa557fb258db7 2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n b9d0337363bc1e2b14505f25d4ee5f99 2008.0/x86_64/bind-9.4.2-1mdv2008.0.x86_64.rpm\n 9b75e2a96784c00c2912bc3bf333d089 2008.0/x86_64/bind-devel-9.4.2-1mdv2008.0.x86_64.rpm\n 0a593b090d9e6bda3666e234056e19ba 2008.0/x86_64/bind-utils-9.4.2-1mdv2008.0.x86_64.rpm \n da4444a8074e6ede39dfa557fb258db7 2008.0/SRPMS/bind-9.4.2-1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.1:\n 2534ef007262d4ea2d219bab0190466c 2008.1/i586/bind-9.5.0-3mdv2008.1.i586.rpm\n c3feee5d05aa3aee14cd70a2d295d0b1 2008.1/i586/bind-devel-9.5.0-3mdv2008.1.i586.rpm\n f306c06665b723a2530258e6d1dbdae2 2008.1/i586/bind-doc-9.5.0-3mdv2008.1.i586.rpm\n 967ef80628f92160930bc3a3827a216e 2008.1/i586/bind-utils-9.5.0-3mdv2008.1.i586.rpm \n 70fc7a7964944a2926979710c5148ed1 2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm\n\n Mandriva Linux 2008.1/X86_64:\n 3f4d96d7a7f913c141e1f63cdc7e7336 2008.1/x86_64/bind-9.5.0-3mdv2008.1.x86_64.rpm\n 420db658366763686198f41394aa72b3 2008.1/x86_64/bind-devel-9.5.0-3mdv2008.1.x86_64.rpm\n 6f3674f68311494c5a9ff0dbce831e82 2008.1/x86_64/bind-doc-9.5.0-3mdv2008.1.x86_64.rpm\n 4294b3a086b89bf53c5c967c17962447 2008.1/x86_64/bind-utils-9.5.0-3mdv2008.1.x86_64.rpm \n 70fc7a7964944a2926979710c5148ed1 2008.1/SRPMS/bind-9.5.0-3mdv2008.1.src.rpm\n\n Corporate 3.0:\n de2a4372d1c25d73f343c9fcb044c9dd corporate/3.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm\n 1f24f6dbdb6c02e21cbbef99555049cb corporate/3.0/i586/bind-devel-9.2.3-6.5.C30mdk.i586.rpm\n 00405b98290d5a41f226081baa57e18d corporate/3.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm \n 6a237dc290f4f7c463b1996e6a4a4515 corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 628162f3d6a414828d2231fefc46842b corporate/3.0/x86_64/bind-9.2.3-6.5.C30mdk.x86_64.rpm\n dd29ff31a9cffcc1b20fd045869d7013 corporate/3.0/x86_64/bind-devel-9.2.3-6.5.C30mdk.x86_64.rpm\n c475c1a4d048e04da1fc27dcbb17c3f3 corporate/3.0/x86_64/bind-utils-9.2.3-6.5.C30mdk.x86_64.rpm \n 6a237dc290f4f7c463b1996e6a4a4515 corporate/3.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm\n\n Corporate 4.0:\n 271ead204904be302d197cd542f5ae23 corporate/4.0/i586/bind-9.3.5-0.4.20060mlcs4.i586.rpm\n 42413dcc1cf053e735216f767eff4e5d corporate/4.0/i586/bind-devel-9.3.5-0.4.20060mlcs4.i586.rpm\n 0201afe493a41e1deedc9bf7e9725f4a corporate/4.0/i586/bind-utils-9.3.5-0.4.20060mlcs4.i586.rpm \n 86bc0cdc9ed1b959b6f56e0660268f2e corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n b1a18a7d0578dab7bd825eda6c682b3d corporate/4.0/x86_64/bind-9.3.5-0.4.20060mlcs4.x86_64.rpm\n 6a2ebd550feb9147058de05b1a1ef04d corporate/4.0/x86_64/bind-devel-9.3.5-0.4.20060mlcs4.x86_64.rpm\n 670a1b934ce4974b8505018ab69ade0b corporate/4.0/x86_64/bind-utils-9.3.5-0.4.20060mlcs4.x86_64.rpm \n 86bc0cdc9ed1b959b6f56e0660268f2e corporate/4.0/SRPMS/bind-9.3.5-0.4.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 5b694c24cc2092e38f531dbfdd5c9d41 mnf/2.0/i586/bind-9.2.3-6.5.C30mdk.i586.rpm\n c08bc805027059c47bed32215f17eacb mnf/2.0/i586/bind-utils-9.2.3-6.5.C30mdk.i586.rpm \n 39225289516498e1b071c5059306f2b9 mnf/2.0/SRPMS/bind-9.2.3-6.5.C30mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFIdPwTmqjQ0CJFipgRAm9AAJ9/UOAuOWDL1KgnMNGM/224QGUNQgCfW+G9\nJ7qxrU208lhOcIjhtq8FWX8=\n=91dV\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200812-17\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Ruby: Multiple vulnerabilities\n Date: December 16, 2008\n Bugs: #225465, #236060\n ID: 200812-17\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been discovered in Ruby that allow for\nattacks including arbitrary code execution and Denial of Service. \n\nBackground\n==========\n\nRuby is an interpreted object-oriented programming language. The\nelaborate standard library includes an HTTP server (\"WEBRick\") and a\nclass for XML parsing (\"REXML\"). \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 dev-lang/ruby \u003c 1.8.6_p287-r1 \u003e= 1.8.6_p287-r1\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in the Ruby interpreter\nand its standard libraries. Drew Yao of Apple Product Security\ndiscovered the following flaws:\n\n* Arbitrary code execution or Denial of Service (memory corruption)\n in the rb_str_buf_append() function (CVE-2008-2662). \n\n* Arbitrary code execution or Denial of Service (memory corruption)\n in the rb_ary_stor() function (CVE-2008-2663). \n\n* Memory corruption via alloca in the rb_str_format() function\n (CVE-2008-2664). \n\n* Memory corruption (\"REALLOC_N\") in the rb_ary_splice() and\n rb_ary_replace() functions (CVE-2008-2725). \n\n* Memory corruption (\"beg + rlen\") in the rb_ary_splice() and\n rb_ary_replace() functions (CVE-2008-2726). \n\nFurthermore, several other vulnerabilities have been reported:\n\n* Tanaka Akira reported an issue with resolv.rb that enables\n attackers to spoof DNS responses (CVE-2008-1447). \n\n* Akira Tagoh of RedHat discovered a Denial of Service (crash) issue\n in the rb_ary_fill() function in array.c (CVE-2008-2376). \n\n* Several safe level bypass vulnerabilities were discovered and\n reported by Keita Yamaguchi (CVE-2008-3655). \n\n* Christian Neukirchen is credited for discovering a Denial of\n Service (CPU consumption) attack in the WEBRick HTTP server\n (CVE-2008-3656). \n\n* A fault in the dl module allowed the circumvention of taintness\n checks which could possibly lead to insecure code execution was\n reported by \"sheepman\" (CVE-2008-3657). \n\n* Tanaka Akira again found a DNS spoofing vulnerability caused by the\n resolv.rb implementation using poor randomness (CVE-2008-3905). \n\n* Luka Treiber and Mitja Kolsek (ACROS Security) disclosed a Denial\n of Service (CPU consumption) vulnerability in the REXML module when\n dealing with recursive entity expansion (CVE-2008-3790). \n\nImpact\n======\n\nThese vulnerabilities allow remote attackers to execute arbitrary code,\nspoof DNS responses, bypass Ruby\u0027s built-in security and taintness\nchecks, and cause a Denial of Service via crash or CPU exhaustion. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Ruby users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=dev-lang/ruby-1.8.6_p287-r1\"\n\nReferences\n==========\n\n [ 1 ] CVE-2008-1447\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447\n [ 2 ] CVE-2008-2376\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2376\n [ 3 ] CVE-2008-2662\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2662\n [ 4 ] CVE-2008-2663\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2663\n [ 5 ] CVE-2008-2664\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2664\n [ 6 ] CVE-2008-2725\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2725\n [ 7 ] CVE-2008-2726\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2726\n [ 8 ] CVE-2008-3655\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3655\n [ 9 ] CVE-2008-3656\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3656\n [ 10 ] CVE-2008-3657\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3657\n [ 11 ] CVE-2008-3790\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3790\n [ 12 ] CVE-2008-3905\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3905\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200812-17.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2008 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. The vulnerability could be exploited to \npoison the DNS cache leading to remote unauthorized access or Denial of Service \n(DoS). \nHP-UX B.11.00. \n\nBACKGROUND\nFor a PGP signed version of this security bulletin please write to: security-alert@hp.com \n\nCERT VU#457875 ( http://www.kb.cert.org/vuls/id/457875) reports a potential security \nvulnerability in the BINDv4 Domain Name Server (DNS). \n\nHP-UX B.11.00 may be affected by this vulnerability if the BINDv4 Domain Name Server \n(DNS) is configured to do both of the following:\n\n * support recursive requests and cache the results \n * respond to DNS requests made by untrusted systems \n\nTo determine if an HP-UX system has an affected version, search the output of \n\"swlist -a revision -l fileset\" for one of the filesets listed below. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.00\n=============\nInternetSrvcs.INETSVCS-RUN\naction: add \"options no-recursion\" to /etc/named.boot\n\nEND AFFECTED VERSIONS\n\nRESOLUTION\nThe potential vulnerability may be avoided by blocking access to the system from \nuntrusted systems or by disabling DNS recursion. \n\nTo disable DNS recursion, add the following to /etc/named.boot:\n\n options no-recursion \n\nThe option will take effect when named is restarted. \n\nNote: This issue has been previously reported in HPSBGN01156 SSRT2400 rev.0 (7 August 2003). HPSBGN01156 did not have the Affected Versions for the HP-UX Security Patch Check. \n\nMANUAL ACTIONS: Yes - NonUpdate\nadd \"options no-recursion\" to /etc/named.boot\n\nPRODUCT SPECIFIC INFORMATION \nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. \n\nBackground\n==========\n\nDnsmasq is a lightweight and easily-configurable DNS forwarder and DHCP\nserver. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-dns/dnsmasq \u003c 2.45 \u003e= 2.45\n\nDescription\n===========\n\n* Dan Kaminsky of IOActive reported that dnsmasq does not randomize\n UDP source ports when forwarding DNS queries to a recursing DNS\n server (CVE-2008-1447). \n\n* Carlos Carvalho reported that dnsmasq in the 2.43 version does not\n properly handle clients sending inform or renewal queries for unknown\n DHCP leases, leading to a crash (CVE-2008-3350). \n\nImpact\n======\n\nA remote attacker could send spoofed DNS response traffic to dnsmasq,\npossibly involving generating queries via multiple vectors, and spoof\nDNS replies, which could e.g. Furthermore, an attacker could generate\ninvalid DHCP traffic and cause a Denial of Service. =========================================================== \nUbuntu Security Notice USN-622-1 July 08, 2008\nbind9 vulnerability\nCVE-2008-1447\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 7.04\nUbuntu 7.10\nUbuntu 8.04 LTS\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n libdns21 1:9.3.2-2ubuntu1.5\n\nUbuntu 7.04:\n libdns22 1:9.3.4-2ubuntu2.3\n\nUbuntu 7.10:\n libdns32 1:9.4.1-P1-3ubuntu2\n\nUbuntu 8.04 LTS:\n libdns35 1:9.4.2-10ubuntu0.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. \n\nDetails follow:\n\nDan Kaminsky discovered weaknesses in the DNS protocol as implemented\nby Bind. \n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5.diff.gz\n Size/MD5: 104296 a0aed8a7f9c1a914d9047876547c67d4\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5.dsc\n Size/MD5: 803 795915bcbaf3e0c97f5ca1b541fecbe1\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2.orig.tar.gz\n Size/MD5: 5302112 55e709501a7780233c36e25ccd15ece2\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.3.2-2ubuntu1.5_all.deb\n Size/MD5: 180736 0ca869db29381743a0aa2acd480c0d36\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_amd64.deb\n Size/MD5: 112040 52e0eb5609ddf50411d43f388a04f917\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_amd64.deb\n Size/MD5: 311534 80e47bf514a33cad401524d7f43e044b\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_amd64.deb\n Size/MD5: 184862 d09db412eb19271ecb2cf742a1816b05\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_amd64.deb\n Size/MD5: 1130056 50d2a84568a66d6ddf47e95b411fad29\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_amd64.deb\n Size/MD5: 92116 c71b74708301acf6a6ecbf608fab5d56\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_amd64.deb\n Size/MD5: 557278 63dc3e1e6488e6cff0059d1f3e490682\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_amd64.deb\n Size/MD5: 190576 c611f958e1393704d0ba84ed707839b1\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_amd64.deb\n Size/MD5: 93250 f2005aeb8667d262326bf59d82c69ba1\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_amd64.deb\n Size/MD5: 109046 4ecb1dbb245b01bddac47ea50e84acfd\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_amd64.deb\n Size/MD5: 111524 a75c2314434af46dd79be91ba0dba036\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_amd64.deb\n Size/MD5: 219944 74b47bf188a3e82200ae564162d61a73\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_i386.deb\n Size/MD5: 108882 b5967775be7b3115c62a4d7f9508b525\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_i386.deb\n Size/MD5: 289854 1873ac12a760a4e14e5b88399658f905\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_i386.deb\n Size/MD5: 175542 ea79ad2e1f210a7e107c90f5770bc806\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_i386.deb\n Size/MD5: 997094 bb0cb2822c28a8e455bf1a928c6d0ef7\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_i386.deb\n Size/MD5: 91336 7bd20507d22e86691fb648d12795fc95\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_i386.deb\n Size/MD5: 482908 d20a97bb56024597c1d158ec69b41c14\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_i386.deb\n Size/MD5: 172564 108d61d18f73a8c51913fb1c84260af9\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_i386.deb\n Size/MD5: 90784 3850d2c7f69c31c2d1d013fb862b587d\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_i386.deb\n Size/MD5: 102422 6951c7cdfd7a801b249e33648213d6a4\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_i386.deb\n Size/MD5: 107234 3d8606e265875294b7e150884be8cee7\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_i386.deb\n Size/MD5: 203328 eb566ef1e4b485523f33271a001b56f9\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_powerpc.deb\n Size/MD5: 110524 1efa8d84b535e465623561c1f678a89c\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_powerpc.deb\n Size/MD5: 303594 9066c6e199c0598b7acd70b561506148\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_powerpc.deb\n Size/MD5: 181654 c4b4fd9157adf5e449d5df01aef1e7d0\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_powerpc.deb\n Size/MD5: 1204474 5d029c34854c4fca6b704fce98a74851\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_powerpc.deb\n Size/MD5: 93418 bb908cbdb8c8028ad2af232f354a0008\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_powerpc.deb\n Size/MD5: 516882 f8437dfca292d7d1d8b93c6aba2ae73a\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_powerpc.deb\n Size/MD5: 182374 368127ca61e8e8e5bceb49870cd2bd70\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_powerpc.deb\n Size/MD5: 93604 4e42b14ee385a7c44ee8c1f728cabff7\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_powerpc.deb\n Size/MD5: 106410 f2db82079a9d85e5acb19e39eb2ced31\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_powerpc.deb\n Size/MD5: 111058 06126f085691f8a2c8358e47f0a2d8d7\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_powerpc.deb\n Size/MD5: 207816 45a904a0518de2feccc9678f83e4d5ec\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_sparc.deb\n Size/MD5: 110620 d5fdd4a4e6e4ea89c4e518f66acecbd1\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_sparc.deb\n Size/MD5: 301372 e67bc7a6970f534ee5faac384801c895\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_sparc.deb\n Size/MD5: 180950 61dfdf0427c07fe2ab35901a64508b5a\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_sparc.deb\n Size/MD5: 1116008 8be769301060285de28ad3e568dfd647\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_sparc.deb\n Size/MD5: 91674 629c0a0296adcdd7f52547eace987c39\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_sparc.deb\n Size/MD5: 511130 8c5a1778a9efd974dded9ca0f8225bdd\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_sparc.deb\n Size/MD5: 181286 40c07c235b00a44aac6bbc28795c2c07\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_sparc.deb\n Size/MD5: 91184 8a2e4f0670f934d831c8cd1b40a3fa7a\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_sparc.deb\n Size/MD5: 103900 80107ec78e4a006784b3a117c05ee1e6\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_sparc.deb\n Size/MD5: 106762 8951b01a7b2f97aad4a93210d50850da\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_sparc.deb\n Size/MD5: 211124 2978354d73f6a9bf7dcd3c96b919eec0\n\nUpdated packages for Ubuntu 7.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3.diff.gz\n Size/MD5: 285716 085d15195d25e9ad690d374e9adaecb0\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3.dsc\n Size/MD5: 888 9bde4140f2f312c3b4071990f21f5075\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4.orig.tar.gz\n Size/MD5: 4043577 198181d47c58a0a9c0265862cd5557b0\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.3.4-2ubuntu2.3_all.deb\n Size/MD5: 187788 25ad7fff219ac84a553e40a6c7af840c\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_amd64.deb\n Size/MD5: 118810 baf5548fa89037279840b4158cf9c4eb\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_amd64.deb\n Size/MD5: 322984 08a1b75f9a77c618f2e36b0534e1a7be\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_amd64.deb\n Size/MD5: 194018 bf92cede850d5f189c8895fdce8141f8\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_amd64.deb\n Size/MD5: 1123068 35f889b48402c1bb56c58d2b0f61dbbf\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_amd64.deb\n Size/MD5: 96684 98747d65d02a685db5256e417a54870b\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_amd64.deb\n Size/MD5: 568742 d25c28c00bfc48ec52c18a3f5df8339a\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_amd64.deb\n Size/MD5: 191858 067227f2f582db56911dbf3236e4aea2\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_amd64.deb\n Size/MD5: 97646 ef6f169da9562b22237e6c7a3edbafda\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_amd64.deb\n Size/MD5: 112594 cf9a0a5c4a940b4ba2d169c9c081dd9f\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_amd64.deb\n Size/MD5: 116228 98dd0e9dcf07d0e49f0c4341e775bcf4\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_amd64.deb\n Size/MD5: 228496 31efc89af88b933b901d67c61b194ba6\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_i386.deb\n Size/MD5: 115168 6797a4d80f8a4196c8a948ad33bc39fe\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_i386.deb\n Size/MD5: 303544 26dd7cd0aaf4712609a619846302ba21\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_i386.deb\n Size/MD5: 184442 7cb775d8fe3051b3ccda2327d1c3083b\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_i386.deb\n Size/MD5: 1018542 c0fdcbb4acc613859ce6ab4781762ff7\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_i386.deb\n Size/MD5: 95774 5ddb6803f82c9117056a0a5de59aa5d6\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_i386.deb\n Size/MD5: 497640 5d71a76c2185fb7631c07ea415037302\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_i386.deb\n Size/MD5: 175420 a07afa38758a587ed0998b5f78629b3b\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_i386.deb\n Size/MD5: 96014 bc47e546be9c1fd6a19e9d8d8366ed3d\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_i386.deb\n Size/MD5: 108214 686dd4ad9fb4413b7778786d667428e2\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_i386.deb\n Size/MD5: 112700 86c736ba2fae3f194498d5f3f6de7306\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_i386.deb\n Size/MD5: 213620 00fa556825d7defaa4fc45cad2138b02\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_powerpc.deb\n Size/MD5: 118214 4081aec0d3d622fbc05dc097cf102e4f\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_powerpc.deb\n Size/MD5: 324724 09c0e4862ed9691c2527f755683a8b8c\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_powerpc.deb\n Size/MD5: 194978 b5f813766584254fd824e72baeffc96b\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_powerpc.deb\n Size/MD5: 1169812 34192103d6041b6f50e7dd6551a6dbf1\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_powerpc.deb\n Size/MD5: 98074 06572e8c43b6eeeeba3352ba3b94ce65\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_powerpc.deb\n Size/MD5: 511582 21cc7a4347b3bb863a7151ad5cf73bd1\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_powerpc.deb\n Size/MD5: 183468 5844029a87c42bc54a547acaff985442\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_powerpc.deb\n Size/MD5: 98738 2eed8603e4ba78e0b07e4e21df59e93d\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_powerpc.deb\n Size/MD5: 112116 a8f232fa8d8ab6429c57827ca1af13bc\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_powerpc.deb\n Size/MD5: 115894 193a734032dcdbb289fbddb68cb350b5\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_powerpc.deb\n Size/MD5: 218796 cdc6ccf2614a684ecff0f63f9f96dfe1\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_sparc.deb\n Size/MD5: 117664 48cc134e0194e3d732e79ca699f8406b\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_sparc.deb\n Size/MD5: 315270 7bc67be9266eaddfc64138c6c01483bc\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_sparc.deb\n Size/MD5: 191400 bc4b1922d10028421b14b69bf9d76bb7\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_sparc.deb\n Size/MD5: 1141834 af414f9bcf9c42d1e52fe8b2069fc83d\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_sparc.deb\n Size/MD5: 96070 43a9988edc73a9b4fd2ad6e98338a8fc\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_sparc.deb\n Size/MD5: 513792 55b3d92618f678690e91956b131fa330\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_sparc.deb\n Size/MD5: 180638 b24a1a0d2d50b9d2fcba45971d23a7a4\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_sparc.deb\n Size/MD5: 96248 425e3657f29e865c91be421484089106\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_sparc.deb\n Size/MD5: 109716 cddb416bc557fb9cdebc6372312c4350\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_sparc.deb\n Size/MD5: 113516 a102110917b6ec739fa2035e1f65e4a6\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_sparc.deb\n Size/MD5: 220226 b855b98a0ebde055930e560feec2a3c0\n\nUpdated packages for Ubuntu 7.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-P1-3ubuntu2.diff.gz\n Size/MD5: 300771 40cda1f019e548208ef85f9dad5dfeec\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-P1-3ubuntu2.dsc\n Size/MD5: 1001 e1318d3386a5d798b700b6d8ed108146\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-P1.orig.tar.gz\n Size/MD5: 4987098 683293e3acc85e30f5ca4bba8a096303\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.4.1-P1-3ubuntu2_all.deb\n Size/MD5: 233584 955901705316670276f41c633020a274\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-P1-3ubuntu2_amd64.deb\n Size/MD5: 46106 8d04ee50411a1d62391209b8ccab5dfd\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-P1-3ubuntu2_amd64.deb\n Size/MD5: 278364 1f2de92494c8a7b5e93a53c75cffbb44\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-P1-3ubuntu2_amd64.deb\n Size/MD5: 117148 927ff60a9de441ef3b1a86337c8756a1\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-P1-3ubuntu2_amd64.deb\n Size/MD5: 1162042 2d7d3e28b6e8422abc7cdfc41f046c73\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-P1-3ubuntu2_amd64.deb\n Size/MD5: 26006 be5c5f455a5507b9e14b8678dac0f6bb\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-P1-3ubuntu2_amd64.deb\n Size/MD5: 552146 97272ff611d594b7346086268e4765ae\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-P1-3ubuntu2_amd64.deb\n Size/MD5: 130934 4135eb09ffb1df2611dc809a682c74df\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-P1-3ubuntu2_amd64.deb\n Size/MD5: 23180 a6afe8f12bf054deca547c2f72d55a66\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-P1-3ubuntu2_amd64.deb\n Size/MD5: 42424 96a32f1fa3f81841fe7085bb01247f6d\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-P1-3ubuntu2_amd64.deb\n Size/MD5: 41990 c90cb0cac5341fb94c7c959983350dd9\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-P1-3ubuntu2_amd64.deb\n Size/MD5: 167296 61645dfcde5c7543d150d829ed113b0d\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-P1-3ubuntu2_i386.deb\n Size/MD5: 42116 2701dd72510ac551881624a6931069ec\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-P1-3ubuntu2_i386.deb\n Size/MD5: 254750 1300e37afb8268b112ab1718e998d443\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-P1-3ubuntu2_i386.deb\n Size/MD5: 106990 717db0ad88486bd34c79120f00e02551\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-P1-3ubuntu2_i386.deb\n Size/MD5: 1040234 db9099b5ac165aaaf6220317d054df8c\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-P1-3ubuntu2_i386.deb\n Size/MD5: 24768 7b5c03984b957dafa6b4bcd981c5af9f\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-P1-3ubuntu2_i386.deb\n Size/MD5: 470404 6a7d265fd0aba23035df443e8b78269b\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-P1-3ubuntu2_i386.deb\n Size/MD5: 113492 685a3b04a9581c29466b67fef742674d\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-P1-3ubuntu2_i386.deb\n Size/MD5: 21570 23a9a67e65a5e2f8dfb836aba5b0ece5\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-P1-3ubuntu2_i386.deb\n Size/MD5: 36630 cbfc768cbeceb42d104f41307f720688\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-P1-3ubuntu2_i386.deb\n Size/MD5: 38268 8d71f0b2df12a449fa7c3fd7613ff682\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-P1-3ubuntu2_i386.deb\n Size/MD5: 150304 f9c7b0ee3d4891b06ef4271c62c292d4\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.1-P1-3ubuntu2_lpia.deb\n Size/MD5: 41828 101a835923e507c0eea60ff08663b1a9\n http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.1-P1-3ubuntu2_lpia.deb\n Size/MD5: 250104 87f9678cd733aacc482b1cd7705a820d\n http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.1-P1-3ubuntu2_lpia.deb\n Size/MD5: 105740 c5035426f0bf196ad4f34d320e9126a5\n http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.1-P1-3ubuntu2_lpia.deb\n Size/MD5: 1025798 47551ddfeb321fd6ff69805bd3c72cf7\n http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.1-P1-3ubuntu2_lpia.deb\n Size/MD5: 24354 9c8a3f39052994adeb0e1277eb9c96d6\n http://ports.ubuntu.com/pool/main/b/bind9/libdns32_9.4.1-P1-3ubuntu2_lpia.deb\n Size/MD5: 449848 d70baaa8ab74b607cc20ac8befd935b3\n http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.1-P1-3ubuntu2_lpia.deb\n Size/MD5: 108538 e64e03f6db0678366f5ed7931bbb7bd8\n http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.1-P1-3ubuntu2_lpia.deb\n Size/MD5: 20936 c735ba0c832279b708b38dd995f90eea\n http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.1-P1-3ubuntu2_lpia.deb\n Size/MD5: 35840 6e09afe7daabc2722145eae0ccf64ebb\n http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.1-P1-3ubuntu2_lpia.deb\n Size/MD5: 36964 7cf9822533618d4eeaaaaca191081a10\n http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.1-P1-3ubuntu2_lpia.deb\n Size/MD5: 146046 3e90eb9276c3c9cd29722b58b44825d6\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-P1-3ubuntu2_powerpc.deb\n Size/MD5: 45228 6f58fdfb1a9464505b63d6ee10bfb499\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-P1-3ubuntu2_powerpc.deb\n Size/MD5: 279194 7fb180ca0c0fb2197b6cabcb9e5b87c1\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-P1-3ubuntu2_powerpc.deb\n Size/MD5: 117336 4a6d45d30c6dfd9b7525e9efeb7cc390\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-P1-3ubuntu2_powerpc.deb\n Size/MD5: 1209208 c23a85c019b655f9044207a98c9eb472\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-P1-3ubuntu2_powerpc.deb\n Size/MD5: 27166 92bd4c64f9914f63fc59973bc0e73d6d\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-P1-3ubuntu2_powerpc.deb\n Size/MD5: 485638 3c3bff7bcd7df84170d9f45855785f46\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-P1-3ubuntu2_powerpc.deb\n Size/MD5: 121410 6eb18c5fee8ef25bfaab05b53a6776d1\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-P1-3ubuntu2_powerpc.deb\n Size/MD5: 24308 94df6003c7e061d9a1e1cbcc1ed1133d\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-P1-3ubuntu2_powerpc.deb\n Size/MD5: 41128 a78b1e2958a2cda0347824e2d9eb7815\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-P1-3ubuntu2_powerpc.deb\n Size/MD5: 41354 d826c2e80c70c92c54c407fa6458a2d0\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-P1-3ubuntu2_powerpc.deb\n Size/MD5: 156660 24840c4483eb81fccfd483843c03fc21\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-P1-3ubuntu2_sparc.deb\n Size/MD5: 44760 ff76458f2f3bc437f975710f0f44350f\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-P1-3ubuntu2_sparc.deb\n Size/MD5: 267886 15ae5b64e2d7f0a84610dca3265f36fe\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-P1-3ubuntu2_sparc.deb\n Size/MD5: 114014 18755ede3d638c17c7292bbc0d0b331c\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-P1-3ubuntu2_sparc.deb\n Size/MD5: 1180276 a906d2e8f9b40766735895725112fe04\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-P1-3ubuntu2_sparc.deb\n Size/MD5: 25350 e9e7f9b9c5fc4b6bcaad7e36b7a12c21\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-P1-3ubuntu2_sparc.deb\n Size/MD5: 492286 e367b633343c1841f48eeec01f08e494\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-P1-3ubuntu2_sparc.deb\n Size/MD5: 117916 bee4cf76d903bf902a025ea2362cf5ec\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-P1-3ubuntu2_sparc.deb\n Size/MD5: 21900 0807caba04fee218b416288eae034b93\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-P1-3ubuntu2_sparc.deb\n Size/MD5: 38438 e11c657acb477041666dd3cccd8bfebc\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-P1-3ubuntu2_sparc.deb\n Size/MD5: 39244 da7d911f9a2f97fd6e895736489c22ac\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-P1-3ubuntu2_sparc.deb\n Size/MD5: 156818 cada78841afbf1e0caf13f75eadaba51\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1.diff.gz\n Size/MD5: 243611 da5389b9c001fc8105edd135c086b13d\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1.dsc\n Size/MD5: 998 2588a42ba49dd2702130d159c1f68d6d\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2.orig.tar.gz\n Size/MD5: 5021880 0aa73c66c206de3da10029bf5f195347\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.4.2-10ubuntu0.1_all.deb\n Size/MD5: 239534 7469deb007e19439a8f5df6a53ecd485\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_amd64.deb\n Size/MD5: 47052 24ce8ff319d3a45dc8c572df3bc47ef6\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_amd64.deb\n Size/MD5: 282744 5d77a9de6d4267405c6c969792a42243\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_amd64.deb\n Size/MD5: 116814 2adb81fed8e7d93cfde2ab01f1050d2e\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_amd64.deb\n Size/MD5: 1188376 36c0b944f5e23f76ba587e756e7c4bdb\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_amd64.deb\n Size/MD5: 27208 be7b3257b0eb9014f033b4ead73bb7a7\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_amd64.deb\n Size/MD5: 550042 268c59c90f72e47690a2f64fccc296c6\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_amd64.deb\n Size/MD5: 138186 5f08619b4b4198fb6176f4d914e74b54\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_amd64.deb\n Size/MD5: 24666 f584f72af33412695ab6cfb81c891ee4\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_amd64.deb\n Size/MD5: 44570 f63b6e57da24654d0ffc243936a5a153\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_amd64.deb\n Size/MD5: 42802 4542b6bea7110e1cbf557346fc5536ad\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_amd64.deb\n Size/MD5: 171006 c96cfef97c3950ab59b80a7b1d3aa868\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_i386.deb\n Size/MD5: 44692 62a8e406937a5be466977c5b47f9a659\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_i386.deb\n Size/MD5: 267508 da18e50b8467dbd7730640a09c52d188\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_i386.deb\n Size/MD5: 110460 480313c340c47e5d6f5167c11161daa7\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_i386.deb\n Size/MD5: 1065190 6fe78d85bdae7a9970c769dd2d1ebdcf\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_i386.deb\n Size/MD5: 27254 2ba88324a0225ccab2b826dcc2f0f202\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_i386.deb\n Size/MD5: 493370 5916fe8f22b1a19d0dde5f9e9596353f\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_i386.deb\n Size/MD5: 125982 26501d011be6c34b7874b19ceabd0148\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_i386.deb\n Size/MD5: 22852 13693beb84952c55cf78f4275c39aba7\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_i386.deb\n Size/MD5: 38258 34107c4916cb13ac651d16706e9d9b9a\n http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_i386.deb\n Size/MD5: 40058 443bc171d30e2f262bb8ce2e3bfe885e\n http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_i386.deb\n Size/MD5: 159118 b31758442a36011d79dde9c485fca1da\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_lpia.deb\n Size/MD5: 45254 659ea8656a46bc1265f0bf3049ffc511\n http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_lpia.deb\n Size/MD5: 267536 13c20e925a9a9ae1353b63fde5ce8555\n http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_lpia.deb\n Size/MD5: 111858 ce4c215e0dfc3a4c1e53b431264becf7\n http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_lpia.deb\n Size/MD5: 1068570 9680708be2a7840be99f2894234757bf\n http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_lpia.deb\n Size/MD5: 27248 f0a51f7ebaeb86afa2f466c1e4b1b4c0\n http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_lpia.deb\n Size/MD5: 488706 325b144544a6dfd1917210c9a02ec423\n http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_lpia.deb\n Size/MD5: 122606 316c7a93002a350fa04f7956483c6efe\n http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_lpia.deb\n Size/MD5: 22522 66d3aaa993507238b341578bb534a0aa\n http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_lpia.deb\n Size/MD5: 37670 b58cc5a2d27f02cac5b954cf4cb1cec5\n http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_lpia.deb\n Size/MD5: 39810 6a5c7b4e2a52a61258d86618f3a27106\n http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_lpia.deb\n Size/MD5: 158506 b2064557c74e536b96d77a707068c933\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_powerpc.deb\n Size/MD5: 49064 77fb0a3b0c381e9f4cf561240f801e99\n http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_powerpc.deb\n Size/MD5: 297108 927db70c3f13cb7642f8e9dfe9d2e378\n http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_powerpc.deb\n Size/MD5: 124214 fb0b53b2b7f5fd750c3ee3785038efea\n http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_powerpc.deb\n Size/MD5: 1271364 32f252c1f510f5d0f5f2860a75fccf8b\n http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_powerpc.deb\n Size/MD5: 29764 2111df6f219f9e4a421329209eee6489\n http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_powerpc.deb\n Size/MD5: 529240 e66e625de5160092f4ac4b9b505bd3ae\n http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_powerpc.deb\n Size/MD5: 137960 e581851a0e71ada301415c006e5697d9\n http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_powerpc.deb\n Size/MD5: 26412 12e5213a39740e05cdf4ed87dbfd055e\n http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_powerpc.deb\n Size/MD5: 43508 b8aab766d691b13f0df8796252bfe7a5\n http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_powerpc.deb\n Size/MD5: 44292 78170e54852c2e28718dd26c72148165\n http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_powerpc.deb\n Size/MD5: 171502 0c747e830656e34d4cd5b84f8ee38551\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_sparc.deb\n Size/MD5: 46786 2f07cd43ef71146ec839172a9318eb22\n http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_sparc.deb\n Size/MD5: 281936 b97f8461fb12702ffde3b1536e11531c\n http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_sparc.deb\n Size/MD5: 116124 cf6ec9328492c928d5d8064f09d5bcda\n http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_sparc.deb\n Size/MD5: 1178958 f21fed7bb01a12a74061b3cf03000b54\n http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_sparc.deb\n Size/MD5: 26652 b650866c75829e84f35592fff5d6c950\n http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_sparc.deb\n Size/MD5: 500058 d99f74a53d5b2b6167eae4bd9f56d3ed\n http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_sparc.deb\n Size/MD5: 127824 c93136898c8ce5f8ac90ba46daacc015\n http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_sparc.deb\n Size/MD5: 22688 e69b52b3505b614f95836502f06bd1ac\n http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_sparc.deb\n Size/MD5: 38792 3167cb62f05d65b3971cc90f1093cd6a\n http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_sparc.deb\n Size/MD5: 38984 92a1a25f10ed41b0bd3a25699e5d76ff\n http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_sparc.deb\n Size/MD5: 169952 3656ebd36bb152e7e18c984f0d8a31fe\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\nDebian Security Advisory DSA-1604-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nJuly 08, 2008 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : bind\nVulnerability : DNS cache poisoning\nProblem type : remote\nDebian-specific: no\nCVE Id(s) : CVE-2008-1447\nCERT advisory : VU#800113\n\n\nDan Kaminsky discovered that properties inherent to the DNS protocol\nlead to practical DNS cache poisoning attacks. Among other things,\nsuccessful attacks can lead to misdirected web traffic and email\nrerouting. \n\nThe BIND 8 legacy code base could not be updated to include the\nrecommended countermeasure (source port randomization, see DSA-1603-1\nfor details). There are two ways to deal with this situation:\n\n1. Upgrade to BIND 9 (or another implementation with source port\nrandomization). The documentation included with BIND 9 contains a\nmigration guide. Configure the BIND 8 resolver to forward queries to a BIND 9\nresolver. Provided that the network between both resolvers is trusted,\nthis protects the BIND 8 resolver from cache poisoning attacks (to the\nsame degree that the BIND 9 resolver is protected). \n\nThis problem does not apply to BIND 8 when used exclusively as an\nauthoritative DNS server. It is theoretically possible to safely use\nBIND 8 in this way, but updating to BIND 9 is strongly recommended. \nBIND 8 (that is, the bind package) will be removed from the etch\ndistribution in a future point release. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c01503743\nVersion: 1\n\nHPSBST02350 SSRT080102 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-037 to MS08-040\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nRelease Date: 2008-07-14\nLast Updated: 2008-07-14\n\nPotential Security Impact: Please check the table below \n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nVarious potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin. \n\nReferences: MS08-037 (CVE-2008-1447, CVE-2008-1454), MS08-038 (CVE-2008-1435), MS08-039 (CVE-2008-2247, CVE-2008-2248), MS08-040 (CVE-2008-0085, CVE-2008-0086, CVE-2008-0106, CVE-2008-0107). \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nStorage Management Appliance v2.1 Software running on: \n\nStorage Management Appliance I \nStorage Management Appliance II \nStorage Management Appliance III \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics \n===============================================\nReference Base Vector Base Score \n -- Not Applicable --\n===============================================\nInformation on CVSS is documented in HP Customer Notice: HPSN-2008-002. \n\nPatches released by Microsoft after MS06-051 are covered by monthly Security Bulletins. \n\nFor the full archived list of Microsoft security updates applicable for Storage Management Appliance software v2.1, please refer to the following Security Bulletins available on the IT Resource Center (ITRC) Web site: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\nFor patches released by Microsoft in 2003, MS03-001 to MS03-051 refer to Security Bulletin HPSBST02146 \nFor patches released by Microsoft in 2004, MS04-001 to MS04-045 refer to Security Bulletin HPSBST02147 \nFor patches released by Microsoft in 2005, MS05-001 to MS05-055 refer to Security Bulletin HPSBST02148 \nFor patches released by Microsoft in 2006, MS06-001 to MS06-051 refer to Security Bulletin HPSBST02140 \n\nThe Microsoft patch index archive and further details about all Microsoft patches can be found on the following Web site: http://www.microsoft.com/technet/security/bulletin/summary.mspx \n\nNOTE: The SMA must have all pertinent SMA Service Packs applied\n\nWindows 2000 Update Rollup 1\n\nCustomers are advised to download and install the Windows 2000 Update Rollup 1 for Service Pack 4 on SMA v2.1. For more information please refer to the Windows 2000 Update Rollup 1 for Service Pack 4 and Storage Management Appliance v2.1 advisory at the following website: http://h20000.www2.hp.com/bizsupport/TechSupport/DocumentIndex.jsp?contentType=SupportManual\u0026lang=en\u0026cc=us\u0026docIndexId=179111\u0026taskId=101\u0026prodTypeId=12169\u0026prodSeriesId=315667 \n\nWindows 2000 Update Rollup 1 for SP4 does not include security updates released after April 30, 2005 starting from MS05-026. It also does not include patches MS04-003 and MS04-028. Please install these patches in addition to Windows 2000 Update Rollup 1 for SP4, if they have not been installed already\n\nRESOLUTION\nHP strongly recommends the immediate installation of all security patches that apply to third party software which is integrated with SMA software products supplied by HP, and that patches are applied in accordance with an appropriate patch management policy. \n\nNOTE: Patch installation instructions are shown at the end of this table. \n\n ------------------------------------------------- \nMS Patch - MS08-037 Vulnerabilities in DNS Could Allow Spoofing (953230)\nAnalysis - Patch will run successfully. \nAction - For SMA v2.1, customers should download patch from Microsoft and install. \n ------------------------------------------------- \nMS Patch - MS08-038 Vulnerability in Windows Explorer Could Allow Remote Code Execution (950582)\nAnalysis - SMA does not have this component. \nAction - Patch will not run successfully. Customers should not be concerned with this issue\n ------------------------------------------------- \nMS Patch - MS08-039 Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747)\nAnalysis - SMA does not have this component. \nAction - Patch will not run successfully. Customers should not be concerned with this issue\n ------------------------------------------------- \nMS Patch - MS08-040 Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203)\nAnalysis - SMA does not have this component. \nAction - Patch will not run successfully. Customers should not be concerned with this issue\n ------------------------------------------------- \n \nInstallation Instructions: (if applicable) \n\n\nDownload patches to a system other than the SMA \nCopy the patch to a floppy diskette or to a CD \nExecute the patch by using Terminal Services to the SMA or by attaching a keyboard, monitor and mouse to the SMA. \n\nNote: The Microsoft Windows Installer 3.1 is supported on SMA v2.1. For more information please refer at the following website: http://www.microsoft.com/downloads/details.aspx?FamilyID=889482fc-5f56-4a38-b838-de776fd4138c\u0026hash=SYSSXDF\u0026displaylang=en \n\n\nPRODUCT SPECIFIC INFORMATION \nNone \n\nHISTORY \nVersion:1 (rev.1) - 14 July 2008 Initial release \n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com \nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com \n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email: \nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC \nOn the web page: ITRC security bulletins and patch sign-up \nUnder Step1: your ITRC security bulletins and patches \n - check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems \n - verify your operating system selections are checked and save. \n\n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php \nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do \n\n\n* The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: \n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n \nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\n\\xa9Copyright 2008 Hewlett-Packard Development Company, L.P. \n\nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQA/AwUBSHuXnuAfOvwtKn1ZEQK1JwCg3stqwQ8mf3LcD2QuflMjMZtKvnYAnjnf\nTEtj6VDp/qFsIXFzdB/JYKQT\n=eGwf\n-----END PGP SIGNATURE-----\n. \n\nBackground\n==========\n\nVMware Player, Server, and Workstation allow emulation of a complete PC\non a PC without the usual performance overhead of most emulators. Users should migrate\n to another package if one is available or wait for the\n existing packages to be marked stable by their\n architecture maintainers. Please review the CVE identifiers referenced below for\ndetails. \n\nImpact\n======\n\nLocal users may be able to gain escalated privileges, cause a Denial of\nService, or gain sensitive information. Remote attackers also may be able to spoof DNS\ntraffic, read arbitrary files, or inject arbitrary web script to the\nVMware Server Console. \n\nResolution\n==========\n\nGentoo discontinued support for VMware Player. We recommend that users\nunmerge VMware Player:\n\n # emerge --unmerge \"app-emulation/vmware-player\"\n\nNOTE: Users could upgrade to \"\u003e=app-emulation/vmware-player-3.1.5\",\nhowever these packages are not currently stable. \n\nGentoo discontinued support for VMware Workstation. We recommend that\nusers unmerge VMware Workstation:\n\n # emerge --unmerge \"app-emulation/vmware-workstation\"\n\nNOTE: Users could upgrade to\n\"\u003e=app-emulation/vmware-workstation-7.1.5\", however these packages are\nnot currently stable. \n\nGentoo discontinued support for VMware Server. Security Advisory (08-AUG-2008) (CVE-2008-3280)\n===============================================\n\nBen Laurie of Google\u0027s Applied Security team, while working with an\nexternal researcher, Dr. Richard Clayton of the Computer Laboratory,\nCambridge University, found that various OpenID Providers (OPs) had\nTLS Server Certificates that used weak keys, as a result of the Debian\nPredictable Random Number Generator (CVE-2008-0166). \n\nIn combination with the DNS Cache Poisoning issue (CVE-2008-1447) and\nthe fact that almost all SSL/TLS implementations do not consult CRLs\n(currently an untracked issue), this means that it is impossible to\nrely on these OPs. \n\nAttack Description\n------------------\n\nIn order to mount an attack against a vulnerable OP, the attacker\nfirst finds the private key corresponding to the weak TLS\ncertificate. He then sets up a website masquerading as the original\nOP, both for the OpenID protocol and also for HTTP/HTTPS. \n\nThen he poisons the DNS cache of the victim to make it appear that his\nserver is the true OpenID Provider. \n\nThere are two cases, one is where the victim is a user trying to\nidentify themselves, in which case, even if they use HTTPS to \"ensure\"\nthat the site they are visiting is indeed their provider, they will be\nunable to detect the substitution and will give their login\ncredentials to the attacker. \n\nThe second case is where the victim is the Relying Party (RP). In this\ncase, even if the RP uses TLS to connect to the OP, as is recommended\nfor higher assurance, he will not be defended, as the vast majority of\nOpenID implementations do not check CRLs, and will, therefore, accept\nthe malicious site as the true OP. \n\nMitigation\n----------\n\nMitigation is surprisingly hard. In theory the vulnerable site should\nrevoke their weak certificate and issue a new one. \n\nHowever, since the CRLs will almost certainly not be checked, this\nmeans the site will still be vulnerable to attack for the lifetime of\nthe certificate (and perhaps beyond, depending on user\nbehaviour). Note that shutting down the site DOES NOT prevent the\nattack. \n\nTherefore mitigation falls to other parties. \n\n1. Browsers must check CRLs by default. \n\n2. OpenID libraries must check CRLs. \n\n3. \n\n4. Until either 1 and 2 or 3 have been done, OpenID cannot be trusted\n for any OP that cannot demonstrate it has never had a weak\n certificate. \n\nDiscussion\n----------\n\nNormally, when security problems are encountered with a single piece\nof software, the responsible thing to do is to is to wait until fixes\nare available before making any announcement. However, as a number of\nexamples in the past have demonstrated, this approach does not work\nparticularly well when many different pieces of software are involved\nbecause it is necessary to coordinate a simultaneous release of the\nfixes, whilst hoping that the very large number of people involved\nwill cooperate in keeping the vulnerability secret. \n\nIn the present situation, the fixes will involve considerable\ndevelopment work in adding CRL handling to a great many pieces of\nopenID code. This is a far from trivial amount of work. \n\nThe fixes will also involve changes to browser preferences to ensure\nthat CRLs are checked by default -- which many vendors have resisted\nfor years. We are extremely pessimistic that a security vulnerability\nin OpenID will be seen as sufficiently important to change the browser\nvendors minds. \n\nHence, we see no value in delaying this announcement; and by making\nthe details public as soon as possible, we believe that individuals\nwho rely on OpenID will be better able to take their own individual\nsteps to avoid relying upon the flawed certificates we have\nidentified. \n\nOpenID is at heart quite a weak protocol, when used in its most\ngeneral form[1], and consequently there is very limited reliance upon\nits security. This means that the consequences of the combination of\nattacks that are now possible is nothing like as serious as might\notherwise have been the case. \n\nHowever, it does give an insight into the type of security disaster\nthat may occur in the future if we do not start to take CRLs\nseriously, but merely stick them onto \"to-do\" lists or disable them in\nthe name of tiny performance improvements. \n\nAffected Sites\n--------------\n\nThere is no central registry of OpenID systems, and so we cannot be\nsure that we have identified all of the weak certificates that are\ncurrently being served. The list of those we have found so far is:\n\nopenid.sun.com\nwww.xopenid.net\nopenid.net.nz\n\nNotes\n-----\n\n[1] There are ways of using OpenID that are significantly more secure\n than the commonly deployed scheme, I shall describe those in a\n separate article. \n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-1447"
},
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "CERT/CC",
"id": "VU#457875"
},
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "PACKETSTORM",
"id": "68068"
},
{
"db": "PACKETSTORM",
"id": "68412"
},
{
"db": "PACKETSTORM",
"id": "73060"
},
{
"db": "PACKETSTORM",
"id": "46512"
},
{
"db": "PACKETSTORM",
"id": "69643"
},
{
"db": "PACKETSTORM",
"id": "68063"
},
{
"db": "PACKETSTORM",
"id": "68037"
},
{
"db": "PACKETSTORM",
"id": "68199"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "PACKETSTORM",
"id": "68924"
}
],
"trust": 3.33
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-31572",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31572"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-1447",
"trust": 2.0
},
{
"db": "CERT/CC",
"id": "VU#800113",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2008-2025",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2009-0297",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2334",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2383",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2113",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2558",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2019",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2377",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2584",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2342",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-0622",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2166",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2051",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2092",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2029",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2384",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2268",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2052",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2549",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2197",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2009-0311",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2055",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2467",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2123",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2482",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2525",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2023",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2582",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2114",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2196",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2139",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2466",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2050",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2195",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2291",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2008-2030",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020548",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020578",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020448",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020558",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020702",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020440",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020575",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020437",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020802",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020449",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020579",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020561",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020804",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020577",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020560",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020651",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020653",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020438",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1020576",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31209",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31197",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31422",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "30977",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31151",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31354",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31093",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31212",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31207",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31221",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31254",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31451",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31169",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "30988",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "30973",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31687",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31199",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "30980",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31137",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "30998",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31014",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31065",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31882",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31019",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31153",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31482",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31495",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "33178",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "33714",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31213",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31326",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31052",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31011",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31588",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31033",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31031",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31430",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "30979",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31022",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31094",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31030",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31204",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "30925",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31072",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31152",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31237",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31012",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "33786",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31143",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31236",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31900",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "30989",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "31823",
"trust": 1.1
},
{
"db": "USCERT",
"id": "TA08-190B",
"trust": 1.1
},
{
"db": "USCERT",
"id": "TA08-260A",
"trust": 1.1
},
{
"db": "USCERT",
"id": "TA08-190A",
"trust": 1.1
},
{
"db": "BID",
"id": "30131",
"trust": 1.1
},
{
"db": "EXPLOIT-DB",
"id": "6130",
"trust": 1.1
},
{
"db": "EXPLOIT-DB",
"id": "6123",
"trust": 1.1
},
{
"db": "EXPLOIT-DB",
"id": "6122",
"trust": 1.1
},
{
"db": "CERT/CC",
"id": "VU#457875",
"trust": 0.9
},
{
"db": "PACKETSTORM",
"id": "68412",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "73060",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68199",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68068",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68037",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68063",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "68878",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68038",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68755",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68118",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68502",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68061",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "74443",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68288",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "96747",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "94774",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68183",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68471",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "73732",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "70207",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68039",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68036",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68500",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68691",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68360",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68473",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68129",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68546",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68554",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68543",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-65607",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-31572",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "46512",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "69643",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "117012",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68924",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "CERT/CC",
"id": "VU#457875"
},
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "PACKETSTORM",
"id": "68068"
},
{
"db": "PACKETSTORM",
"id": "68412"
},
{
"db": "PACKETSTORM",
"id": "73060"
},
{
"db": "PACKETSTORM",
"id": "46512"
},
{
"db": "PACKETSTORM",
"id": "69643"
},
{
"db": "PACKETSTORM",
"id": "68063"
},
{
"db": "PACKETSTORM",
"id": "68037"
},
{
"db": "PACKETSTORM",
"id": "68199"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "PACKETSTORM",
"id": "68924"
},
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"id": "VAR-200707-0675",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-31572"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-29T22:30:21.788000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-331",
"trust": 1.1
},
{
"problemtype": "CWE-310",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-200812-17.xml"
},
{
"trust": 1.2,
"url": "http://security.gentoo.org/glsa/glsa-201209-25.xml"
},
{
"trust": 1.1,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26667"
},
{
"trust": 1.1,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26668"
},
{
"trust": 1.1,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26669"
},
{
"trust": 1.1,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26670"
},
{
"trust": 1.1,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26671"
},
{
"trust": 1.1,
"url": "http://www.ibm.com/support/docview.wss?uid=isg1iz26672"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce//2008/jul/msg00003.html"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00003.html"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00004.html"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce//2008/sep/msg00005.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/30131"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/495289/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/495869/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-190a.html"
},
{
"trust": 1.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-190b.html"
},
{
"trust": 1.1,
"url": "http://www.us-cert.gov/cas/techalerts/ta08-260a.html"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/800113"
},
{
"trust": 1.1,
"url": "http://www.cisco.com/en/us/products/products_security_advisory09186a00809c2168.shtml"
},
{
"trust": 1.1,
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht3026"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht3129"
},
{
"trust": 1.1,
"url": "http://support.citrix.com/article/ctx117991"
},
{
"trust": 1.1,
"url": "http://support.citrix.com/article/ctx118183"
},
{
"trust": 1.1,
"url": "http://up2date.astaro.com/2008/08/up2date_7202_released.html"
},
{
"trust": 1.1,
"url": "http://wiki.rpath.com/wiki/advisories:rpsa-2008-0231"
},
{
"trust": 1.1,
"url": "http://wiki.rpath.com/wiki/advisories:rpsa-2010-0018"
},
{
"trust": 1.1,
"url": "http://www.bluecoat.com/support/security-advisories/dns_cache_poisoning"
},
{
"trust": 1.1,
"url": "http://www.isc.org/index.pl?/sw/bind/bind-security.php"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/mimg-7dwr4j"
},
{
"trust": 1.1,
"url": "http://www.kb.cert.org/vuls/id/mimg-7ecl8q"
},
{
"trust": 1.1,
"url": "http://www.novell.com/support/viewcontent.do?externalid=7000912"
},
{
"trust": 1.1,
"url": "http://www.phys.uu.nl/~rombouts/pdnsd.html"
},
{
"trust": 1.1,
"url": "http://www.phys.uu.nl/~rombouts/pdnsd/changelog"
},
{
"trust": 1.1,
"url": "http://www.rtpro.yamaha.co.jp/rt/faq/security/vu800113.html"
},
{
"trust": 1.1,
"url": "http://www.ruby-lang.org/en/news/2008/08/08/multiple-vulnerabilities-in-ruby/"
},
{
"trust": 1.1,
"url": "http://www.vmware.com/security/advisories/vmsa-2008-0014.html"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2008/dsa-1603"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2008/dsa-1604"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2008/dsa-1605"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2008/dsa-1619"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2008/dsa-1623"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/6122"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/6123"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/6130"
},
{
"trust": 1.1,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-july/msg00402.html"
},
{
"trust": 1.1,
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-july/msg00458.html"
},
{
"trust": 1.1,
"url": "http://security.freebsd.org/advisories/freebsd-sa-08:06.bind.asc"
},
{
"trust": 1.1,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-august/064118.html"
},
{
"trust": 1.1,
"url": "http://security.gentoo.org/glsa/glsa-200807-08.xml"
},
{
"trust": 1.1,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01662368"
},
{
"trust": 1.1,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01523520"
},
{
"trust": 1.1,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2008:139"
},
{
"trust": 1.1,
"url": "http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html"
},
{
"trust": 1.1,
"url": "http://www.caughq.org/exploits/cau-ex-2008-0002.txt"
},
{
"trust": 1.1,
"url": "http://www.caughq.org/exploits/cau-ex-2008-0003.txt"
},
{
"trust": 1.1,
"url": "http://www.doxpara.com/?p=1176"
},
{
"trust": 1.1,
"url": "http://www.doxpara.com/dmk_bo2k8.ppt"
},
{
"trust": 1.1,
"url": "http://www.nominum.com/asset_upload_file741_2661.pdf"
},
{
"trust": 1.1,
"url": "http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html"
},
{
"trust": 1.1,
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-037"
},
{
"trust": 1.1,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2008-009.txt.asc"
},
{
"trust": 1.1,
"url": "http://www.openbsd.org/errata42.html#013_bind"
},
{
"trust": 1.1,
"url": "http://www.openbsd.org/errata43.html#004_bind"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12117"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5725"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5761"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5917"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9627"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2008-0533.html"
},
{
"trust": 1.1,
"url": "http://www.redhat.com/support/errata/rhsa-2008-0789.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020437"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020438"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020440"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020448"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020449"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020548"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020558"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020560"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020561"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020575"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020576"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020577"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020578"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020579"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020651"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020653"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020702"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020802"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1020804"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/30925"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/30973"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/30977"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/30979"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/30980"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/30988"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/30989"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/30998"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31011"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31012"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31014"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31019"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31022"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31030"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31031"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31033"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31052"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31065"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31072"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31093"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31094"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31137"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31143"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31151"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31152"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31153"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31169"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31197"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31199"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31204"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31207"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31209"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31212"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31213"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31221"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31236"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31237"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31254"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31326"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31354"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31422"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31430"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31451"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31482"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31495"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31588"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31687"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31823"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31882"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/31900"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/33178"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/33714"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/33786"
},
{
"trust": 1.1,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-239392-1"
},
{
"trust": 1.1,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-240048-1"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00003.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-622-1"
},
{
"trust": 1.1,
"url": "http://www.ubuntu.com/usn/usn-627-1"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2019/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2023/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2025/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2029/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2030/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2050/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2051/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2052/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2055/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2092/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2113/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2114/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2123/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2139/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2166/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2195/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2196/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2197/references"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2268"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2291"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2334"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2342"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2377"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2383"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2384"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2466"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2467"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2482"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2525"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2549"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2558"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2582"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2584"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2009/0297"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2009/0311"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/0622"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43637"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43334"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=121630706004256\u0026w=2"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.539239"
},
{
"trust": 1.0,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2008\u0026m=slackware-security.452680"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=121866517322103\u0026w=2"
},
{
"trust": 1.0,
"url": "http://www.ipcop.org/index.php?name=news\u0026file=article\u0026sid=40"
},
{
"trust": 1.0,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=762152"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=123324863916385\u0026w=2"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=141879471518471\u0026w=2"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1447"
},
{
"trust": 0.8,
"url": "http://csrc.nist.gov/publications/nistpubs/800-81/sp800-81.pdf"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/draft-ietf-dnsext-forgery-resilience"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc3833"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc2827"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc3704"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc3013"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc4033"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/draft-ietf-tsvwg-port-randomization"
},
{
"trust": 0.8,
"url": "http://cr.yp.to/djbdns/dns_random.html"
},
{
"trust": 0.8,
"url": "http://cr.yp.to/djbdns/dns_transmit.html"
},
{
"trust": 0.8,
"url": "http://cr.yp.to/djbdns/forgery.html"
},
{
"trust": 0.8,
"url": "http://www.trusteer.com/microsoftdns"
},
{
"trust": 0.8,
"url": "http://www.trusteer.com/bind9dns"
},
{
"trust": 0.8,
"url": "http://www.trusteer.com/bind8dns"
},
{
"trust": 0.8,
"url": "http://www.sans.org/reading_room/whitepapers/dns/1567.php"
},
{
"trust": 0.8,
"url": "http://blogs.iss.net/archive/morednsnat.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/cert/jvnvu800113/"
},
{
"trust": 0.8,
"url": "http://www.cert.at/static/cert.at-0802-dns-patchanalysis.pdf"
},
{
"trust": 0.8,
"url": "http://www.dimap.ufrn.br/"
},
{
"trust": 0.8,
"url": "http://www.icir.org/vern/imw-2002/imw2002-papers/198.pdf"
},
{
"trust": 0.8,
"url": "http://razor.bindview.com/publish/papers/tcpseq.html"
},
{
"trust": 0.8,
"url": "http://mathworld.wolfram.com/birthdayproblem.html"
},
{
"trust": 0.8,
"url": "http://mathworld.wolfram.com/birthdayattack.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/guest/17905"
},
{
"trust": 0.8,
"url": "http://www.rnp.br/cais/alertas/2002/cais-alr-19112002a.html"
},
{
"trust": 0.8,
"url": "http://www.rnp.br/cais_en/"
},
{
"trust": 0.8,
"url": "http://www.cert.org/advisories/ca-1997-22.html"
},
{
"trust": 0.8,
"url": "http://www.cert.org/advisories/ca-2001-09.html"
},
{
"trust": 0.8,
"url": "http://www.cert.org/archive/pdf/dns.pdf"
},
{
"trust": 0.3,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1447"
},
{
"trust": 0.3,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.3,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.3,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.2,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.1,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026amp;id=762152"
},
{
"trust": 0.1,
"url": "http://www.ipcop.org/index.php?name=news\u0026amp;file=article\u0026amp;sid=40"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=123324863916385\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=141879471518471\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=121866517322103\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=121630706004256\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2008\u0026amp;m=slackware-security.539239"
},
{
"trust": 0.1,
"url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2008\u0026amp;m=slackware-security.452680"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41-2ubuntu2.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41-2ubuntu2.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq_2.41-2ubuntu2.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/d/dnsmasq/dnsmasq-base_2.41-2ubuntu2.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2376"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2662"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2726"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2376"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3655"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3905"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3790"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2663"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3790"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2664"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2662"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3657"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3656"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2663"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2664"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3655"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3905"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2726"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2725"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2725"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3656"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3657"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026"
},
{
"trust": 0.1,
"url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/457875)"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-200809-02.xml"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3350"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3350"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-p1-3ubuntu2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-p1-3ubuntu2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-p1-3ubuntu2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-p1-3ubuntu2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-p1-3ubuntu2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-p1-3ubuntu2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-p1-3ubuntu2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.3.4-2ubuntu2.3_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-p1-3ubuntu2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-p1-3ubuntu2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-p1-3ubuntu2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-p1-3ubuntu2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-p1-3ubuntu2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-p1-3ubuntu2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.1-p1-3ubuntu2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.1-p1-3ubuntu2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.1-p1-3ubuntu2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-p1-3ubuntu2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.1-p1-3ubuntu2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-p1-3ubuntu2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-p1-3ubuntu2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.3.2-2ubuntu1.5_all.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-p1-3ubuntu2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-p1-3ubuntu2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.4-2ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.1-p1-3ubuntu2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-p1-3ubuntu2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.1-p1-3ubuntu2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.1-p1-3ubuntu2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-p1-3ubuntu2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-p1-3ubuntu2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-p1-3ubuntu2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-p1-3ubuntu2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.4.2-10ubuntu0.1_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.1-p1-3ubuntu2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libdns32_9.4.1-p1-3ubuntu2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/liblwres30_9.4.2-10ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-p1-3ubuntu2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.4-2ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-p1-3ubuntu2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.4-2ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.1-p1-3ubuntu2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.1-p1-3ubuntu2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres9_9.3.2-2ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.4.2-10ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.4-2ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.4-2ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.1-p1-3ubuntu2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-p1-3ubuntu2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-p1-3ubuntu2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.2-10ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind-dev_9.3.2-2ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg30_9.4.2-10ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-p1-3ubuntu2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.4-2ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9-host_9.4.2-10ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-0_9.3.2-2ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.4.1-p1-3ubuntu2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-p1-3ubuntu2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.2-2ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-p1-3ubuntu2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns22_9.3.4-2ubuntu2.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc32_9.4.1-p1-3ubuntu2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4-2ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisc11_9.3.4-2ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc30_9.4.1-p1-3ubuntu2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.2-2ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns21_9.3.2-2ubuntu1.5_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.3.2-2ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libbind9-30_9.4.1-p1-3ubuntu2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-doc_9.4.1-p1-3ubuntu2_all.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.1-p1-3ubuntu2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccc0_9.3.2-2ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns32_9.4.1-p1-3ubuntu2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libbind9-30_9.4.2-10ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.2-2ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.3.4.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/dnsutils_9.4.2-10ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/universe/b/bind9/lwresd_9.4.2-10ubuntu0.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9_9.4.1-p1-3ubuntu2.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.4-2ubuntu2.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/bind9-host_9.3.4-2ubuntu2.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/liblwres30_9.4.1-p1-3ubuntu2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/b/bind9/lwresd_9.3.2-2ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/dnsutils_9.4.1-p1-3ubuntu2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libisccfg1_9.3.2-2ubuntu1.5_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/libisccc30_9.4.2-10ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/b/bind9/libdns35_9.4.2-10ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/b/bind9/bind9_9.4.2-10ubuntu0.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0107"
},
{
"trust": 0.1,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/documentindex.jsp?contenttype=supportmanual\u0026lang=en\u0026cc=us\u0026docindexid=179111\u0026taskid=101\u0026prodtypeid=12169\u0026prodseriesid=315667"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0086"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1454"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2247"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0106"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0085"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/technet/security/bulletin/summary.mspx"
},
{
"trust": 0.1,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2248"
},
{
"trust": 0.1,
"url": "http://www.microsoft.com/downloads/details.aspx?familyid=889482fc-5f56-4a38-b838-de776fd4138c\u0026hash=syssxdf\u0026displaylang=en"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3733"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0909"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4915"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4915"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3868"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1142"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4917"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2098"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4916"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1140"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1141"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-2267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0910"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1362"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1137"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1138"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5269"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1447"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1361"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1139"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-1143"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2098"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1807"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0040"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2100"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-4916"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-1244"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3707"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3733"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1808"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1807"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1392"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2101"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1806"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-0909"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0040"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2267"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-3707"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2101"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5671"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4917"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-2100"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1364"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5503"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0967"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5671"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1806"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2007-5503"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1340"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2009-4811"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1364"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1363"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0910"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1392"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-1808"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-1362"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1244"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3732"
},
{
"trust": 0.1,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0967"
},
{
"trust": 0.1,
"url": "https://www.xopenid.net"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3280"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-0166"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "CERT/CC",
"id": "VU#457875"
},
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "PACKETSTORM",
"id": "68068"
},
{
"db": "PACKETSTORM",
"id": "68412"
},
{
"db": "PACKETSTORM",
"id": "73060"
},
{
"db": "PACKETSTORM",
"id": "46512"
},
{
"db": "PACKETSTORM",
"id": "69643"
},
{
"db": "PACKETSTORM",
"id": "68063"
},
{
"db": "PACKETSTORM",
"id": "68037"
},
{
"db": "PACKETSTORM",
"id": "68199"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "PACKETSTORM",
"id": "68924"
},
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#800113"
},
{
"db": "CERT/CC",
"id": "VU#457875"
},
{
"db": "VULHUB",
"id": "VHN-31572"
},
{
"db": "PACKETSTORM",
"id": "68068"
},
{
"db": "PACKETSTORM",
"id": "68412"
},
{
"db": "PACKETSTORM",
"id": "73060"
},
{
"db": "PACKETSTORM",
"id": "46512"
},
{
"db": "PACKETSTORM",
"id": "69643"
},
{
"db": "PACKETSTORM",
"id": "68063"
},
{
"db": "PACKETSTORM",
"id": "68037"
},
{
"db": "PACKETSTORM",
"id": "68199"
},
{
"db": "PACKETSTORM",
"id": "117012"
},
{
"db": "PACKETSTORM",
"id": "68924"
},
{
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-07-08T00:00:00",
"db": "CERT/CC",
"id": "VU#800113"
},
{
"date": "2002-11-19T00:00:00",
"db": "CERT/CC",
"id": "VU#457875"
},
{
"date": "2008-07-08T00:00:00",
"db": "VULHUB",
"id": "VHN-31572"
},
{
"date": "2008-07-10T07:29:30",
"db": "PACKETSTORM",
"id": "68068"
},
{
"date": "2008-07-22T18:01:41",
"db": "PACKETSTORM",
"id": "68412"
},
{
"date": "2008-12-16T21:29:31",
"db": "PACKETSTORM",
"id": "73060"
},
{
"date": "2006-05-22T06:59:00",
"db": "PACKETSTORM",
"id": "46512"
},
{
"date": "2008-09-04T22:22:48",
"db": "PACKETSTORM",
"id": "69643"
},
{
"date": "2008-07-10T07:10:37",
"db": "PACKETSTORM",
"id": "68063"
},
{
"date": "2008-07-10T06:23:57",
"db": "PACKETSTORM",
"id": "68037"
},
{
"date": "2008-07-15T16:45:48",
"db": "PACKETSTORM",
"id": "68199"
},
{
"date": "2012-09-30T16:40:15",
"db": "PACKETSTORM",
"id": "117012"
},
{
"date": "2008-08-08T20:46:25",
"db": "PACKETSTORM",
"id": "68924"
},
{
"date": "2008-07-08T23:41:00",
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-04-14T00:00:00",
"db": "CERT/CC",
"id": "VU#800113"
},
{
"date": "2004-10-18T00:00:00",
"db": "CERT/CC",
"id": "VU#457875"
},
{
"date": "2020-03-24T00:00:00",
"db": "VULHUB",
"id": "VHN-31572"
},
{
"date": "2024-11-21T00:44:32.723000",
"db": "NVD",
"id": "CVE-2008-1447"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "68068"
},
{
"db": "PACKETSTORM",
"id": "68412"
},
{
"db": "PACKETSTORM",
"id": "46512"
},
{
"db": "PACKETSTORM",
"id": "68063"
}
],
"trust": 0.4
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple DNS implementations vulnerable to cache poisoning",
"sources": [
{
"db": "CERT/CC",
"id": "VU#800113"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "spoof",
"sources": [
{
"db": "PACKETSTORM",
"id": "68068"
},
{
"db": "PACKETSTORM",
"id": "68412"
},
{
"db": "PACKETSTORM",
"id": "68063"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.