AOH :: HP Unsorted B :: VA2380.HTM

bind bind-utils
rPSA-2009-0009-1 bind bind-utils
rPSA-2009-0009-1 bind bind-utils

rPath Security Advisory: 2009-0009-1
Published: 2009-01-20
    rPath Linux 1
    rPath Linux 2

Rating: Severe
Exposure Level Classification:
    Indirect Deterministic Vulnerability
Updated Versions: 

rPath Issue Tracking System:


    Previous versions of BIND incorrectly interpret the return value of the
    OpenSSL DSA_do_verify function. On systems using DNSSEC, a malicious zone
    could present a malformed DSA certificate and bypass proper certificate
    validation, allowing spoofing attacks.
    rPath Linux does not ship with DNSSEC enabled, and therefore is not, by
    default, vulnerable to this attack. 

Copyright 2009 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at 

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH
We do not send spam. If you have received spam bearing an email address, please forward it with full headers to