IBM Support

IV61067: AIX NAMED9 IS VULNERABLE TO CVE-2006-0987 APPLIES TO AIX 7100-04

A fix is available

APAR status

  • Closed as program error.

Error description

  • The default configuration of ISC BIND before 9.4.1-P1,
    when configured as a caching name server, allows recursive
    queries and provides additional delegation information to
    arbitrary IP addresses, which allows remote attackers to
    cause a denial of service (traffic amplification)
    via DNS queries with spoofed source IP addresses.
    

Local fix

Problem summary

  • If the /etc/named.conf file is not configured with trusted subnet
    parameters, AIX named9 accepts requests from any address to
    perform recursive queries through named and to query named's
    non-authoritative cache entries. This is a potential
    denial-of-service vulnerability.
    

Problem conclusion

  • The AIX named9 code is modified so that, by default, recursive
    queries and cache queries are allowed only from hosts within the
    subnet of the DNS server (i.e. localhost, localnet) when
    /etc/named.conf does not configure any ACLs with the
    'allow-query-cache' or 'allow-recursion' options.
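
The following check is an added example, not IBM's code or part of the APAR: it reports whether a named.conf sets 'allow-recursion' or 'allow-query-cache' at all, ignoring commented-out lines, so an administrator can tell whether a server relies on the named9 default that this fix changes. The function names and result labels are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not IBM's code): classify how a named.conf limits recursion.

# Print the file with //, # and /* ... */ comments removed, so that a
# commented-out option is not counted. Quoted strings are not parsed: a "#"
# or "//" inside quotes is treated as a comment start.
strip_comments() {
    awk '{
        line = $0; out = ""
        while (line != "") {
            if (inblock) {
                e = index(line, "*/")
                if (!e) break
                line = substr(line, e + 2); inblock = 0
            } else if (match(line, /\/\*|\/\/|#/)) {
                out = out substr(line, 1, RSTART - 1)
                if (substr(line, RSTART, 2) != "/*") break
                line = substr(line, RSTART + 2); inblock = 1
            } else { out = out line; break }
        }
        print out
    }' "$1"
}

# Whole-file check; settings inside individual views are not distinguished.
audit_named_conf() {
    conf=$(strip_comments "$1" | tr '\n' ' ')
    has() { printf '%s' "$conf" | grep -Eq "$1"; }
    opt='allow-(recursion|query-cache)[[:space:]]*\{'
    if has '(^|[[:space:];{])recursion[[:space:]]+no[[:space:]]*;'; then
        echo "recursion-disabled"
    elif has "$opt([^}]*[[:space:];])?any[[:space:]]*;"; then
        echo "open-to-any"
    elif has "$opt"; then
        echo "restricted"
    else
        # Neither option is set: behaviour depends on the named9 default,
        # which this APAR changes to localhost/localnet.
        echo "default-dependent"
    fi
}

# Constructed sample: the only ACL line is commented out.
sample=$(mktemp)
printf '%s\n' 'options {' '    directory "/var/named";' \
    '    // allow-recursion { localnets; };' '};' > "$sample"
audit_named_conf "$sample"   # prints: default-dependent
rm -f "$sample"
```

A result of "default-dependent" on a system without the fix corresponds to the exposed configuration described in the problem summary.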
    

Temporary fix

Comments

  • 6100-08 - use AIX APAR IV60990
    6100-09 - use AIX APAR IV57729
    7100-02 - use AIX APAR IV61090
    7100-03 - use AIX APAR IV61027
    7100-04 - use AIX APAR IV61067
    **** PE16/05/20 PTF IN ERROR. SEE APAR IV80759 FOR DESCRIPTION
    

APAR Information

  • APAR number

    IV61067

  • Reported component name

    AIX V7.1

  • Reported component ID

    5765H4000

  • Reported release

    710

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Submitted date

    2014-05-30

  • Closed date

    2014-05-30

  • Last modified date

    2016-05-20

  • APAR is sysrouted FROM one or more of the following:

    IV57729

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    AIX V7.1

  • Fixed component ID

    5765H4000

Applicable component levels

  • R710 PSY U861791

       UP15/11/23 I 1000

PTF to Fileset Mapping

Document Information

Modified date:
20 May 2016