CERT VU#800113 DNS Cache Poisoning Issue

[websitesource]

http://www.isc.org/index.pl?/sw/bind/view/?release=9.5.0-P1

What can be done to address this in Plesk immediately? Would it be safe to just compile from their provided source and overwrite the currently used bind-9.3.3-7 version? We'd rather not have to wait weeks, or perhaps months, for the developers to release a new plesk patch.

Thanks,
Kelly Shutt
Alentus Corporation

 

[ipwtech]

If anyone running Debian 4 has a solution for this please post here. I am working on this as well and debian only offers a "secure" version in the unstable source.

 

[breun]

The vulnerability is not in Plesk's packages but in your OS vendor's packages. I believe all Linux distributions have already released updates with (usually backported) patches, so just make sure your system is up to date.

 

[websitesource]

So just upgrading with the standard OS packages should work then? I just wanted to make sure there's nothing specific we need to worry about from the control panel perspective before going ahead.

Thanks,
Kelly Shutt
Alentus Corporation

 

[breun]

Just update and restart bind and you should be fine.