IV11742: BIND 9.4.1 IS VULNERABLE TO CVE 2010-0382, 2010-0097, 2009-0025 APPLIES TO AIX 6100-05

A fix is available

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • AIX Bind 9.4.1 is vulnerable to the following 3 security
    vulnerabilities:
    (1) CVE-2010-0382 - ISC BIND Out-Of-Bailwick Data
    Handling Error
    (2) CVE-2010-0097 - ISC BIND Improper DNSSEC NSEC and
    NSEC3 Record
    (3) CVE-2009-0025 - BIND OpenSSL DSA_do_verify and
    EVP_VerifyFinal
    

Local fix

Problem summary

  • AIX Bind 9.4.1 is vulnerable to the following 3 security
    vulnerabilities:
    (1) CVE-2010-0382 - ISC BIND Out-Of-Bailwick Data Handling
    Error
    (2) CVE-2010-0097 - ISC BIND Improper DNSSEC NSEC and NSEC3
    Record
    (3) CVE-2009-0025 - BIND OpenSSL DSA_do_verify and
    EVP_VerifyFinal
    

Problem conclusion

  • www.isc.org has provided the fix.
    

Temporary fix

Comments

APAR Information

  • APAR number

    IV11742

  • Reported component name

    AIX 610 STD EDI

  • Reported component ID

    5765G6200

  • Reported release

    610

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Submitted date

    2011-12-06

  • Closed date

    2011-12-06

  • Last modified date

    2013-02-27

  • APAR is sysrouted FROM one or more of the following:

    IV09491

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    AIX 610 STD EDI

  • Fixed component ID

    5765G6200

Applicable component levels

  • R610 PSY U850899

       UP12/03/15 I 1000



Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

AIX Enterprise Edition

Software version:

610

Operating system(s):

AIX

Reference #:

IV11742

Modified date:

2013-02-27

Translate my page

Machine Translation

Content navigation