HP Tru64 UNIX - SSRT090161 : DNS BIND Remote Denial of Service

Copyright (c) Hewlett-Packard Company 2008. All rights reserved.

PRODUCT: HP Internet Express for Tru64 UNIX

SOURCE: Hewlett-Packard Company

ECO INFORMATION:

  ECO Name: T64V51B-IX691-BIND936P1-SSRT-20090803.tar.gz
  ECO Kit Approximate Size: 26 MB
  Kit Applies To: HP Internet Express for Tru64 UNIX 6.9

ECO Kit CHECKSUMS:

  /usr/bin/sum results: 59464 26530
  /usr/bin/cksum results: 311795920 27166588
  MD5 results: 8eebaeee2cb988d57ea787f57c8ad323
  SHA1 results: d676eecb6ef6e99e5f5b768cf7d51c92c8b3b6d4

ECO KIT SUMMARY:

A setld-based patch kit exists for HP Internet Express for Tru64 UNIX 6.9 (IX) that contains a solution to the following problem:

SSRT090137: A potential security vulnerability has been reported on BIND running on the HP Tru64 UNIX Operating System. The vulnerability allows remote attackers to cause a Denial of Service (DoS) by sending a specific dynamic update message.

Special Installation Instructions

The kit "T64V51B-IX691-BIND936P1-SSRT-20090803.tar.gz", when untarred, contains the following directory: bind

Directory bind has two tar files:

  - IX691-BIND-SSRT.tar.gz (Installable Kit)
  - bind9.3.6-P1.tar.Z (sources)

Installing the kit

  1. gunzip T64V51B-IX691-BIND936P1-SSRT-20090803.tar.gz
  2. tar xvf T64V51B-IX691-BIND936P1-SSRT-20090803.tar
  3. cd bind
  4. gunzip IX691-BIND-SSRT.tar.gz
  5. tar xvf IX691-BIND-SSRT.tar
  6. cd bind_kit
  7. ls -R
     IAE.image IAEBIND691 INSTCTRL instctrl

     ./instctrl:
     IAE.image IAE691.comp IAEBIND691.ctrl IAEBIND691.inv IAEBIND691.scp
  8. setld -l .
  9. cd /usr/lib/bind9
     ln -s libisc.so libisc.so.15
     ln -s libdns.so libdns.so.26

SUPERSEDE INFORMATION:

Please note that the IX BIND ERP being delivered contains the subset IAEBIND691, whereas the IX 6.9 kit has the subset IAEBIND690. Hence, IX 6.9 BIND will not be allowed to overwrite the BIND binary delivered by this ERP. All the features present in IX 6.9 BIND are available in this BIND ERP.

KNOWN PROBLEMS WITH THE PATCH KIT:

None.
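Added example (not part of the HP kit or advisory): a POSIX sh check of the downloaded kit against the cksum and SHA1 values published above, to be run before step 1 of the installation. The function names verify_kit and sha1_of are hypothetical, and the presence of sha1sum or openssl on the host is an assumption.

```shell
#!/bin/sh
# Print the SHA-1 of file $1. Assumption: sha1sum or openssl is installed;
# the advisory does not say which tool produced its "SHA1 results" line.
sha1_of() {
    if command -v sha1sum >/dev/null 2>&1; then
        sha1sum < "$1" | awk '{print $1}'
    elif command -v openssl >/dev/null 2>&1; then
        openssl dgst -sha1 < "$1" | awk '{print $NF}'
    else
        return 1
    fi
}

# verify_kit FILE CRC SIZE SHA1
# Returns 0 if all values match, 1 on a mismatch, 2 if FILE is unreadable,
# 3 if no SHA-1 tool is available (fail closed: a CRC alone only detects
# accidental corruption, not deliberate modification).
verify_kit() {
    vk_file=$1; vk_crc=$2; vk_size=$3
    vk_sha1=$(printf '%s' "$4" | tr 'A-F' 'a-f')
    [ -r "$vk_file" ] || { echo "cannot read $vk_file" >&2; return 2; }

    vk_out=$(cksum < "$vk_file")        # on stdin, cksum prints "CRC SIZE"
    vk_got_crc=${vk_out%% *}
    vk_got_size=${vk_out#* }; vk_got_size=${vk_got_size%% *}
    if [ "$vk_got_crc" != "$vk_crc" ] || [ "$vk_got_size" != "$vk_size" ]; then
        echo "cksum mismatch: got $vk_got_crc $vk_got_size" >&2
        return 1
    fi

    vk_got=$(sha1_of "$vk_file") || { echo "no SHA-1 tool found" >&2; return 3; }
    vk_got=$(printf '%s' "$vk_got" | tr 'A-F' 'a-f')
    if [ "$vk_got" != "$vk_sha1" ]; then
        echo "SHA1 mismatch: got $vk_got" >&2
        return 1
    fi
    echo "$vk_file: cksum and SHA1 match"
}

# Values copied from the "ECO Kit CHECKSUMS" section of this advisory.
KIT=T64V51B-IX691-BIND936P1-SSRT-20090803.tar.gz
if [ -f "$KIT" ]; then
    verify_kit "$KIT" 311795920 27166588 \
        d676eecb6ef6e99e5f5b768cf7d51c92c8b3b6d4 || exit 1
fi
```

Run it from the directory holding the downloaded kit; a non-zero exit status means the kit should not be unpacked or passed to setld.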
[R] UNIX is a registered trademark in the United States and other countries licensed exclusively through X/Open Company Limited.

Copyright Hewlett-Packard Company 2004. All Rights reserved.

This software is proprietary to and embodies the confidential technology of Hewlett-Packard Company. Possession, use, or copying of this software and media is authorized only pursuant to a valid written license from Hewlett-Packard or an authorized sublicensor.

This ECO has not been through an exhaustive field test process. Due to the experimental stage of this ECO/workaround, Hewlett-Packard makes no representations regarding its use or performance. The customer shall have the sole responsibility for adequate protection and back-up data used in conjunction with this ECO/workaround.