Sorry it took so long to get back to you. I will have to dig up version numbers. But basically we had machines with the most recent Ubuntu 6.06 DNS/Bind package running. And they were poisoned. The machines were not breached, the systems were fine, just DNS/Bind were filled with incorrect DNS information (poisioned).
When investigating the issue we noticed there was an updated version of ISC DNS Bind that was not incorporated into the most recent Ubuntu 6.06 DNS Bind package. This is the package I had installed, [EMAIL PROTECTED]:~$ sudo apt-cache showpkg bind9 Package: bind9 Versions: 1:9.3.2-2ubuntu1.3(/var/lib/apt/lists/us.archive.ubuntu.com_ubuntu_dists_dapper-updates_main_binary-i386_Packages)(/var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_dapper-security_main_binary-i386_Packages)(/var/lib/dpkg/status) 1:9.3.2-2ubuntu1(/var/lib/apt/lists/us.archive.ubuntu.com_ubuntu_dists_dapper_main_binary-i386_Packages) Reverse Depends: gforge-dns-bind9,bind9 dnsutils,bind9 1:9.1.0-3 ultrapossum-dnsbalance,bind9 resolvconf,bind9 1:9.2.1-7 meta-ul-server-base,bind9 ldap2dns,bind9 gforge-dns-bind9,bind9 education-main-server,bind9 dnscvsutil,bind9 dhis-tools-dns,bind9 dhis-dns-engine,bind9 autodns-dhcp,bind9 dnsutils,bind9 1:9.1.0-3 Dependencies: 1:9.3.2-2ubuntu1.3 - libbind9-0 (0 (null)) libc6 (2 2.3.4-1) libdns21 (0 (null)) libisc11 (0 (null)) libisccc0 (0 (null)) libisccfg1 (0 (null)) liblwres9 (0 (null)) libssl0.9.8 (2 0.9.8a-1) netbase (0 (null)) adduser (0 (null)) libdns21 (5 1:9.3.2-2ubuntu1.3) libisccfg1 (5 1:9.3.2-2ubuntu1.3) libisc11 (5 1:9.3.2-2ubuntu1.3) libisccc0 (5 1:9.3.2-2ubuntu1.3) lsb-base (2 3.0-6) dnsutils (0 (null)) bind9-doc (0 (null)) bind (0 (null)) bind (0 (null)) dnsutils (3 1:9.1.0-3) 1:9.3.2-2ubuntu1 - libbind9-0 (0 (null)) libc6 (2 2.3.4-1) libdns21 (0 (null)) libisc11 (0 (null)) libisccc0 (0 (null)) libisccfg1 (0 (null)) liblwres9 (0 (null)) libssl0.9.8 (2 0.9.8a-1) netbase (0 (null)) adduser (0 (null)) libdns21 (5 1:9.3.2-2ubuntu1) libisccfg1 (5 1:9.3.2-2ubuntu1) libisc11 (5 1:9.3.2-2ubuntu1) libisccc0 (5 1:9.3.2-2ubuntu1) lsb-base (2 3.0-6) dnsutils (0 (null)) bind9-doc (0 (null)) bind (0 (null)) bind (0 (null)) dnsutils (3 1:9.1.0-3) Provides: 1:9.3.2-2ubuntu1.3 - 1:9.3.2-2ubuntu1 - Reverse Provides: The version I installed from ISC is 9.4.2 ==>brian. On Tue, 2008-03-11 at 15:25 +0000, Kees Cook wrote: > Thanks for the report. The bind9 in dapper should contain all security > fixes from later releases. Do you have any other details about the > situation you've been seeing? > > ** Changed in: bind9 (Ubuntu) > Status: Triaged => Incomplete > -- dns caches posioned https://bugs.launchpad.net/bugs/176971 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
