IBM Support

IV61090: AIX NAMED9 IS VULNERABLE TO CVE-2006-0987 APPLIES TO AIX 7100-02

A fix is available


APAR status

  • Closed as program error.

Error description

  • The default configuration of ISC BIND before 9.4.1-P1,
    when configured as a caching name server, allows recursive
    queries and provides additional delegation information to
    arbitrary IP addresses, which allows remote attackers to
    cause a denial of service (traffic amplification)
    via DNS queries with spoofed source IP addresses.
    

Local fix

Problem summary

  • If the /etc/named.conf file is not configured with trusted subnet
    parameters, AIX named9 allows requests from anywhere to perform
    recursive queries through named and to query named's
    non-authoritative cache entries. This is a potential
    "Denial of Service" vulnerability.
    

Problem conclusion

  • The AIX named9 code is modified so that, by default, recursive
    queries and cache queries are allowed only from hosts within the
    subnet of the DNS server (i.e. localhost, localnet) when
    /etc/named.conf does not configure any ACLs with the
    'allow-query-cache' or 'allow-recursion' options.
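
An added example, not part of the IBM APAR text: a Python check that reports whether a named.conf leaves recursion and cache access to the built-in default described above, or sets an ACL that matches every client. The sample configurations are constructed, the function names are hypothetical, and only the global options block is inspected (views and nested address-match lists are not handled).

```python
import re

# Constructed sample configurations (not taken from any real host).
DEFAULT_CONF = 'options { directory "/var/named"; };  // no ACL options at all\n'
OPEN_CONF = "options { allow-recursion { any; }; };\n"
RESTRICTED_CONF = """
acl trusted { 192.0.2.0/24; localhost; };   # documentation subnet
options {
    /* either option counts as an explicit ACL per the APAR text */
    allow-recursion { trusted; };
};
"""
ACL_OPTIONS = ("allow-recursion", "allow-query-cache")  # options named in the APAR
OPEN_VALUES = {"any", "0.0.0.0/0", "::/0"}

def strip_comments(text):
    """Drop the /* */, // and # comment styles that named.conf accepts."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", text)

def options_block(text):
    """Return the body of the global options { ... } block, or '' if absent."""
    m = re.search(r"\boptions\s*\{", text)
    if not m:
        return ""
    depth = 1
    for i in range(m.end(), len(text)):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        if depth == 0:
            return text[m.end():i]
    return text[m.end():]

def audit(conf_text):
    """Return findings; an empty list means an explicit, non-open ACL is set."""
    body = options_block(strip_comments(conf_text))
    findings, seen = [], 0
    for opt in ACL_OPTIONS:
        m = re.search(r"(?<![\w-])" + opt + r"\s*\{([^}]*)\}", body)
        if not m:
            continue
        seen += 1
        elems = {e.strip().strip('"') for e in m.group(1).split(";") if e.strip()}
        for v in sorted(elems & OPEN_VALUES):
            findings.append(f"{opt} matches every client ({v})")
    if not seen:
        findings.append("no allow-recursion/allow-query-cache ACL: built-in default applies")
    return findings

if __name__ == "__main__":
    for name in ("DEFAULT_CONF", "OPEN_CONF", "RESTRICTED_CONF"):
        print(name, audit(globals()[name]) or "ok")
```

A "built-in default applies" finding means the server's behaviour depends on whether the fix from this APAR is installed.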
    

Temporary fix

Comments

  • 6100-08 - use AIX APAR IV60990
    6100-09 - use AIX APAR IV57729
    7100-02 - use AIX APAR IV61090
    7100-03 - use AIX APAR IV61027
    7100-04 - use AIX APAR IV61067
    

APAR Information

  • APAR number

    IV61090

  • Reported component name

    AIX V7.1

  • Reported component ID

    5765H4000

  • Reported release

    710

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Submitted date

    2014-06-02

  • Closed date

    2014-06-02

  • Last modified date

    2016-05-10

  • APAR is sysrouted FROM one or more of the following:

    IV57729

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    AIX V7.1

  • Fixed component ID

    5765H4000

Applicable component levels

  • R710 PSY U865329

       UP15/01/19 I 1000

PTF to Fileset Mapping



Document information

More support for: AIX Enterprise Edition

Software version: 710

Operating system(s): AIX

Reference #: IV61090

Modified date: 10 May 2016