IBM Support

IV60990: AIX NAMED9 IS VULNERABLE TO CVE-2006-0987 APPLIES TO AIX 6100-08

A fix is available

APAR status

  • Closed as program error.

Error description

  • The default configuration of ISC BIND before 9.4.1-P1,
    when configured as a caching name server, allows recursive
    queries and provides additional delegation information to
    arbitrary IP addresses, which allows remote attackers to
    cause a denial of service (traffic amplification)
    via DNS queries with spoofed source IP addresses.
    

Local fix

Problem summary

  • If the /etc/named.conf file is not configured with trusted subnet
    parameters, AIX named9 allows requests from any source to perform
    recursive queries through named and to query named's
    non-authoritative cache entries. This is a potential
    "Denial of Service" vulnerability.
    

Problem conclusion

  • The AIX named9 code is modified so that, by default, recursive
    queries and cache queries are allowed only from hosts within the
    subnet of the DNS server (i.e. localhost, localnet) when
    /etc/named.conf is not configured with any ACLs using the
    'allow-query-cache' or 'allow-recursion' options.
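
One way to check whether a named.conf sets the two options named above, as an added example (not IBM's code). The function names, the sample files and the choice to flag each missing option separately are assumptions of this example; `localnets` is BIND's built-in ACL name for the local subnets.

```shell
# Added example: audit a named.conf for allow-recursion / allow-query-cache.
strip_comments() {   # drop #, // and /* */ comments so disabled options do not count
    awk '{
        line = $0; out = ""
        while (line != "") {
            if (inblock) {
                i = index(line, "*/")
                if (i == 0) break
                line = substr(line, i + 2); inblock = 0
            } else if (match(line, /\/\*|\/\/|#/)) {
                out = out substr(line, 1, RSTART - 1)
                if (substr(line, RSTART, 2) != "/*") break
                line = substr(line, RSTART + 2); inblock = 1
            } else { out = out line; break }
        }
        print out
    }' "$1"
}

# Prints one status line per option; returns 1 if either option is
# missing or its address list contains the built-in ACL "any".
audit_named_conf() {
    conf=" $(strip_comments "$1" | tr '\n\t' '  ')"
    rc=0
    for opt in allow-recursion allow-query-cache; do
        acl=$(printf '%s\n' "$conf" | sed -n "s/.*[ ;{]$opt *{\([^}]*\)}.*/\1/p")
        if [ -z "$acl" ]; then echo "$opt: MISSING"; rc=1
        elif printf '%s\n' "$acl" | grep -Eq '(^|[ ;])any *;'; then
            echo "$opt: OPEN (any)"; rc=1
        else echo "$opt: restricted"
        fi
    done
    return $rc
}

# Constructed samples: one with no active ACLs, one limited to local hosts.
tmp=${TMPDIR:-/tmp}/named_audit.$$; mkdir -p "$tmp"; trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/weak.conf" <<'EOF'
options {
    // allow-recursion { localhost; };
};
EOF
cat > "$tmp/fixed.conf" <<'EOF'
options {
    allow-recursion { localhost; localnets; };
    allow-query-cache { localhost; localnets; };
};
EOF
audit_named_conf "$tmp/weak.conf" || echo "=> weak.conf: add ACLs"
audit_named_conf "$tmp/fixed.conf" && echo "=> fixed.conf: ok"
```

The check looks only at the last occurrence of each option in the file and does not resolve named ACLs or per-view settings.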
    

Temporary fix

Comments

  • 6100-08 - use AIX APAR IV60990
    6100-09 - use AIX APAR IV57729
    7100-02 - use AIX APAR IV61090
    7100-03 - use AIX APAR IV61027
    7100-04 - use AIX APAR IV61067
    

APAR Information

  • APAR number

    IV60990

  • Reported component name

    AIX 610 STD EDI

  • Reported component ID

    5765G6200

  • Reported release

    610

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Submitted date

    2014-05-28

  • Closed date

    2014-05-28

  • Last modified date

    2016-05-10

  • APAR is sysrouted FROM one or more of the following:

    IV57729

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    AIX 610 STD EDI

  • Fixed component ID

    5765G6200

Applicable component levels

  • R610 PSY U867350

       UP15/01/18 I 1000

PTF to Fileset Mapping



Document information

More support for: AIX Standard Edition

Software version: 610

Operating system(s): AIX

Reference #: IV60990

Modified date: 10 May 2016