CERTA-2006-AVI-088
Vulnerability from certfr_avis - Published: 2006-02-21 - Updated: 2006-02-21None
Description
Une vulnérabilité présente dans les serveurs de résolution de nom BIND4 et BIND8 peut être utilisée par un utilisateur mal intentionné pour corrompre le cache DNS.
Cette vulnérabilité peut être utilisée pour réaliser des attaques par usurpation de nom de domaine.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "HP Tru64 Unix 4.0F PK8 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "HP Tru64 Unix 5.1B-3 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "HP Tru64 Unix 5.1B-2/PK4 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "HP Tru64 Unix 5.1A PK6 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "HP Tru64 Unix 4.0G PK4 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 pr\u00e9sente dans les serveurs de r\u00e9solution de nom BIND4\net BIND8 peut \u00eatre utilis\u00e9e par un utilisateur mal intentionn\u00e9 pour\ncorrompre le cache DNS.\n\nCette vuln\u00e9rabilit\u00e9 peut \u00eatre utilis\u00e9e pour r\u00e9aliser des attaques par\nusurpation de nom de domaine.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [],
"initial_release_date": "2006-02-21T00:00:00",
"last_revision_date": "2006-02-21T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 HP c00595837 du 10 f\u00e9vrier 2006 :",
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00595837"
}
],
"reference": "CERTA-2006-AVI-088",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2006-02-21T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
}
],
"summary": null,
"title": "Vuln\u00e9rabilit\u00e9 sur BIND4/BIND8 sur HP Tru64",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 HP Tru64",
"url": null
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…