BID:26076

Novell SUSE ISC BIND Named LibGSSAPI Denial Of Service Vulnerability

Info

Novell SUSE ISC BIND Named LibGSSAPI Denial Of Service Vulnerability

Bugtraq ID:	26076
Class:	Design Error
CVE:	CVE-2007-5471
Remote:	Yes
Local:	No
Published:	Oct 15 2007 12:00AM
Updated:	Oct 26 2007 09:26PM
Credit:	The vendor disclosed this issue.
Vulnerable:	SuSE Linux Enterprise Server 10.SP1

Not Vulnerable:

Discussion

Novell SUSE ISC BIND Named LibGSSAPI Denial Of Service Vulnerability

Novell SUSE Linux Enterprise Server is prone to a denial-of-service vulnerability becuase it fails to adequately handle certain GSS-TSIG requests that require the 'libgssapi' library.

Attackers can exploit this issue to cause denial-of-service conditions.

Versions prior to 'libgssapi' 0.6-13.17 as found in Enterprise Server 10 SP1 are vulnerable.

Exploit / POC

Novell SUSE ISC BIND Named LibGSSAPI Denial Of Service Vulnerability

Attackers can exploit this issue with readily available DNS update mechanisms.

Solution / Fix

Novell SUSE ISC BIND Named LibGSSAPI Denial Of Service Vulnerability

Solution:
The vendor has released 'libgssapi' 0.6-13.7 to address this issue. Please see the references for more information.

SuSE Linux Enterprise Server 10.SP1

Novell Recommended update for libgssapi s390x 09/17/07
http://download.novell.com/Download?buildid=ExRb3LtR6n0~

Novell Recommended update for libgssapi x86, ia64, ppc, x86_64 09/17/07
http://download.novell.com/Download?buildid=V8j8vliwwVM~

References

Novell SUSE ISC BIND Named LibGSSAPI Denial Of Service Vulnerability

References:

Novell Homepage (Novell)
BIND crashes on Dynamic DNS update request (Novell)