Compaq Computer Corporation Information for VU#715973
ISC BIND 8.2.2-P6 vulnerable to DoS via compressed zone transfer, aka the "zxfr bug"
- Vendor Information Help Date Notified: 12 Nov 2000
- Statement Date:
- Date Updated: 16 May 2001
Status
Affected
Vendor Statement
......................................................................
COMPAQ COMPUTER CORPORATION
......................................................................
CERT-2000-20 - BIND 8 The "zxfr bug"
X-REF: SSRT1-38U, CERT-2000-20
......................................................................
Compaq Tru64 UNIX V5.1 -
patch: SSRT1-66U_v5.1.tar.Z
Compaq Tru64 UNIX V5.0 & V5.0a -
V5.0 patch: SSRT1-68U_v5.0.tar.Z
V5.0a patch: SSRT1-68U_v5.0a.tar.Z
Compaq Tru64 UNIX V4.0D/F/G - Not Vulnerable
TCP/IP Services for Compaq OpenVMS - Not Vulnerable
......................................................................
CERT02000-20 - BIND 8 The "srv bug"
X-REF: SSRT1-38U, CERT CA2000-20
......................................................................
Compaq Tru64 UNIX V5.1 -
patch: SSRT1-66U_v5.1.tar.Z
Compaq Tru64 UNIX V5.0 & V5.0a -
V5.0 patch: SSRT1-68U_v5.0.tar.Z
V5.0a patch: SSRT1-68U_v5.0a.tar.Z
Compaq Tru64 UNIX V4.0D/F/G - Not Vulnerable
TCP/IP Services for Compaq OpenVMS - Not Vulnerable
Compaq will provide notice of the completion/availability
of the patches through AES services (DIA, DSNlink FLASH),
the ** Security mailing list, and be available from your
normal Compaq Support channel.
**You may subscribe to the Security mailing list at:
http://www.support.compaq.com/patches/mailing-list.shtml
Software Security Response Team
COMPAQ COMPUTER CORPORATION
......................................................................
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Vendor References
None
Addendum
Compaq Tru64 Unix was reported as being not vulnerable when CA-2000-20 was initially launched.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
View Notes By
Report a Vulnerability
Please use the Vulnerability Reporting Form to report a vulnerability. Alternatively, you can send us email. Be sure to read our vulnerability disclosure policy.