Check Point Advisories

Preemptive Protection against HP-UX BIND4 DNS Cache Poisoning

Check Point Reference: CPAI-2006-050
Date Published: 24 May 2006
Severity: Medium
Last Updated: Monday 07 May, 2007
Source: HP Support Document ID: c00668546
Industry Reference:US-CERT VU#457875
Protection Provided by:
Who is Vulnerable? Hewlett-Packard HP-UX B.11.00
Vulnerability Description A vulnerability has been identified with HP-UX running the BINDv4 Domain Name Server (DNS). Successful exploitation could result in the poisoning of the DNS cache tables. Once the cache tables have been altered, a remote attacker may inspect, capture or corrupt any information exchanged between hosts on the network.
Vulnerability DetailsThe vulnerability is due to an unspecified error in HP-UX's DNS BIND4 when it is set up to respond to DNS recursion queries and the results are cached. Remote attackers can exploit this to poison the DNS cache tables. Once the cache tables have been altered, a remote attacker may inspect, capture or corrupt any information exchanged between hosts on the network. By poisoning a DNS server, a remote attacker could, for example, direct users to malicious sites or prevent them from accessing web sites of their choice.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK