CERT-MU :Vulnerability

Home | Search | FAQ | Site Map | Contact Us

|| Hotline : 800 2378 || To contact CERT-MU send e-mail on --> info[at]cert-mu.gov.mu || To report incident e-mail on --> incident[at]cert-mu.gov.mu || To report Vulnerabilities send e-mail on --> Vulnerability[at]cert-mu.gov.mu ||

Charter & Mission

CERT-MU Services

Constituency

Authority

Incident Reporting

Vulnerability Reporting

Incident Statistics Forms

Vol. 2, Feb 2012

Vol. 1, Oct 2011

World CERTs

Security Sites

Security Tools

Antivirus Resources

Email Abuse

Network Abuse

Anti-Spam Initiative

Cyber Security Portal

Safer Internet Day

Computer Security Day

National Computer Board

Authorized to use CERT(TM) - CERT is a mark owned by Carnegie Mellon University

CERT-MU Vulnerability Note VN-2008-13

Vulnerability in the Solaris IP Filter Network Address Translation

Original Issue Date: November 19, 2008

Severity Rating: High

Systems Affected

Solaris 10
OpenSolaris based upon builds snv_01 through snv_95

Overview

A vulnerability has been reported in Sun Solaris IP Filter Network Address Translation (NAT) that may allow remote unprivileged user to cause DNS cache poisoning.

Description

The vulnerability is caused due to an error in the handling of DNS traffic and can be exploited to poison the DNS cache. This issue is caused due to error in the IP Filter (ipfilter) when configured to provide Network Address Translation (NAT) service on DNS servers, which may allow remote unprivileged users to cause, named to return incorrect addresses for Internet hosts, thereby redirecting end users to unintended hosts or services.

Solutions

Apply appropriate patches as suggested by vendor