Apple Computer Inc. Information for VU#734644

ISC BIND 8 vulnerable to cache poisoning via negative responses

Status

Affected

Vendor Statement

Mac OS X 10.3 and later: Not Vulnerable. Mac OS X 10.3 uses a later version of BIND that does not have this vulnerability.

Mac OS X 10.2.x: Recommend upgrading to Mac OS X 10.2.8, then installing BIND 8.4.3 as follows:

First install the Developer Tools if they are not already present, then perform the following steps from the command line in an application such as Terminal:

1. Download BIND version 8.4.3 by executing the following command:
curl -O ftp://ftp.isc.org/isc/bind/src/8.4.3/bind-src.tar.gz

2. Verify the integrity of this file by typing:
cksum bind-src.tar.gz
which should indicate "3224691664 1438439 bind-src.tar.gz"

3. Unpack the distribution as follows:
tar xvzf bind-src.tar.gz

4. Now you're ready to start building the distribution.
cd to the src/ directory and type "make"

5. The next step will install the new named daemon:
sudo cp bin/named/named /usr/sbin/

6. Reboot
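
The check in step 2 can be scripted so that unpacking and building never start on a file whose cksum output differs from the values quoted above. This is an added example, not part of the vendor statement or of CERT/CC's note; the function name verify_cksum and the script layout are assumptions.

```sh
#!/bin/sh
# Added example: gate the BIND 8.4.3 build on the cksum values from step 2.
# cksum is a CRC plus a byte count: it catches a truncated or corrupted
# download, but it is not a cryptographic signature.

# Values quoted in step 2 of the statement.
EXPECTED_CRC=3224691664
EXPECTED_SIZE=1438439

# verify_cksum FILE CRC SIZE
# Returns 0 on match, 1 on mismatch, 2 if FILE cannot be read.
verify_cksum() {
    file=$1
    want_crc=$2
    want_size=$3
    [ -r "$file" ] || { echo "cannot read: $file" >&2; return 2; }
    # Reading from stdin makes cksum print only "<crc> <size>",
    # so a file name containing spaces cannot confuse the parse.
    set -- $(cksum < "$file")
    [ "$1" = "$want_crc" ] && [ "$2" = "$want_size" ] && return 0
    echo "cksum mismatch for $file:" >&2
    echo "  got      $1 $2" >&2
    echo "  expected $want_crc $want_size" >&2
    return 1
}

# Runs only when a tarball path is passed, e.g.:
#   sh verify-bind.sh bind-src.tar.gz
if [ "$#" -ge 1 ]; then
    verify_cksum "$1" "$EXPECTED_CRC" "$EXPECTED_SIZE" || exit 1
    echo "cksum matches; continue with step 3 (tar xvzf $1)"
fi
```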

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.