DarkFiber Consulting – IT Managed Services

Novell Releases eDirectory Version 8.7.3 SP10 FTF1

October 6th, 2008 . by DarkFiber Consulting

Novell has released eDirectory 8.7.3 SP10 FTF1 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition on the affected system.

DarkFiber Consulting encourages users to review Novell document 3477912 and apply any necessary patches to help mitigate the risks.

Internet Systems Consortium releases BIND -P2 patches

August 4th, 2008 . by DarkFiber Consulting

The Internet Systems Consortium has released updates for BIND to address performance and stability issues.

DarkFiber Consulting recommends that administrators of this product apply the respective patches for BIND 9.5.0-P2, BIND 9.4.2-P2 and BIND 9.3.5-P2 or check with their software vendor for updated versions.

NAT/PAT Affects DNS Cache Poisoning Mitigation

July 23rd, 2008 . by DarkFiber Consulting

DarkFiber Consulting released a Current Activity entry and a Vulnerability Note on July 8, 2008 regarding deficiencies in DNS implementations. These deficiencies could leave an affected system vulnerable to cache poisoning. Technical details regarding this vulnerability have been posted to public websites. Attackers could use these details to construct exploit code. Users are encouraged to patch systems or apply workarounds immediately.

A number of patches implement source port randomization in the nameserver as a way to reduce the practicality of cache poisoning attacks. Administrators should be aware that in infrastructures where nameservers sit behind Network Address Translation (NAT) and Port Address Translation (PAT) devices, the NAT/PAT device may overwrite the source port chosen by the nameserver and allocate a sequential port instead. This may weaken the protection offered by source port randomization in the nameserver.

DarkFiber Consulting encourages users to consider one of the following workarounds:

  • Place the nameserver outside of the NAT/PAT device in the network infrastructure.
  • Configure the NAT/PAT device to perform source port randomization.
  • Configure the NAT/PAT device to preserve the source port assigned by the nameserver.
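
One way to check whether a NAT/PAT device is undoing the nameserver's port randomization, as an added example that is not part of the original advisory: compare the UDP source ports of the same outbound queries captured at the nameserver and on the external side of the NAT. The function names, thresholds and port lists below are assumptions constructed for illustration.

```python
# Added example (not from the advisory): hypothetical helpers, constructed data.

def classify_ports(ports, max_step=16, threshold=0.8):
    """Classify an ordered list of DNS query source ports.

    'static'     - every query used the same port
    'sequential' - most consecutive ports rise by a small step (PAT-style pool)
    'randomized' - no small-step pattern between consecutive queries
    """
    if len(ports) < 8:
        raise ValueError("need at least 8 samples for a meaningful verdict")
    if len(set(ports)) == 1:
        return "static"
    # Differences modulo 65536 so a pool that wraps around counts as one jump.
    deltas = [(b - a) % 65536 for a, b in zip(ports, ports[1:])]
    small = sum(1 for d in deltas if 0 < d <= max_step)
    return "sequential" if small / len(deltas) >= threshold else "randomized"


def assess_nat(inside, outside):
    """Compare ports seen at the nameserver (inside) with the ports of the
    same queries seen upstream of the NAT/PAT device (outside)."""
    if len(inside) != len(outside):
        raise ValueError("captures must cover the same queries")
    ns, egress = classify_ports(inside), classify_ports(outside)
    return {
        "nameserver": ns,
        "nat": "preserved" if inside == outside else "rewritten",
        "egress": egress,
        # Protection is lost when the nameserver randomizes but the
        # ports that actually reach the Internet do not.
        "weakened": ns == "randomized" and egress != "randomized",
    }


# Constructed sample captures (ten queries each).
INSIDE = [51234, 10877, 39021, 60412, 22310, 47755, 13098, 58841, 31406, 44972]
OUTSIDE_SEQUENTIAL = list(range(1024, 1034))   # NAT allocates 1024, 1025, ...
OUTSIDE_RANDOM = [40321, 8754, 62110, 19483, 55012, 27396, 3391, 48820, 14267, 36605]

if __name__ == "__main__":
    for label, outside in [("sequential NAT", OUTSIDE_SEQUENTIAL),
                           ("randomizing NAT", OUTSIDE_RANDOM),
                           ("port-preserving NAT", INSIDE)]:
        print(label, assess_nat(INSIDE, outside))
```

A "weakened" result corresponds to the situation described above; the second and third cases correspond to the last two workarounds in the list.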

Additional information can be found in DarkFiber Consulting Vulnerability Note VU#800113.

More information will be provided as it becomes available.