Bind Security Notice

Discussion in 'Security' started by jhawkins002, Nov 16, 2011.

  1. jhawkins002

    jhawkins002 Member

    Hi All,

    Running WHM 11.30.4 on the latest CentOS 5 (5.7) and noticed a security note came out today regarding bind: https://www.isc.org/software/bind/advisories/cve-2011-4313

    Seems 5.7 is running a rather crufty 9.3.6 version by default which is no longer supported or patched for this vulnerability... anyone have experience upgrading to a newer bind binary?
     
  2. cPanne

    cPanne Member
    Staff Member

    Bind is managed by your package manager.

    If you have WHM configured to keep your system up to date you should have the latest Bind available for your system.

    This Security Advisory is currently under review and has not yet been accepted:
    Candidate: This CVE Identifier has "Candidate" status and must be reviewed and accepted by the CVE Editorial Board before it can be updated to official "Entry" status on the CVE List. It may be modified or even rejected in the future.

    CVE - CVE-2011-4313 (under review)

    By default cPanel servers don't have recursive queries turned on. Without recursive queries, you can't get cache poisoning.

    For that reason this Security Advisory does not apply to a standard/stock cPanel server.

    Regards,
    Anne
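
To check the premise in the reply above on a given server, this added example (not part of the original thread, and not cPanel or ISC code) reports the effective `recursion` setting for each `options`/`view` scope in a named.conf. It uses a simplified parser that does not follow `include` files or nested ACL braces; `SAMPLE` and all function names are constructed for illustration.

```python
import re

# Constructed sample config for the example; not taken from the thread.
SAMPLE = '''
options { directory "/var/named"; /* recursion yes; */ recursion no; };
view "internal" { recursion yes; allow-recursion { 10.0.0.0/8; }; };  // local resolver
view "external" { zone "example.com" { type master; file "example.com.db"; }; };
'''

def tokenize(text):
    """Drop /* */, // and # comments, then split into words, strings and { } ;"""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    text = re.sub(r'(//|#)[^\n]*', '', text)
    return re.findall(r'"[^"]*"|[{};]|[^\s{};"]+', text)

def top_level_blocks(tokens):
    """Yield (scope, body_tokens) for each top-level options/view block."""
    depth, scope, start = 0, None, 0
    for i, tok in enumerate(tokens):
        if depth == 0 and tok in ('options', 'view'):
            scope = tok if tok == 'options' else 'view ' + tokens[i + 1].strip('"')
        if tok == '{':
            depth += 1
            if depth == 1: start = i + 1
        elif tok == '}':
            depth -= 1
            if depth == 0 and scope:      # closing brace of an options/view block
                yield scope, tokens[start:i]
                scope = None

def settings(body):
    """Read recursion / allow-recursion set directly in a block (not nested)."""
    out, depth = {}, 0
    for k, tok in enumerate(body):
        if depth == 0 and tok == 'recursion':
            out['recursion'] = body[k + 1]
        elif depth == 0 and tok == 'allow-recursion':
            acl = body[k + 2:body.index('}', k)]
            out['allow-recursion'] = [a for a in acl if a != ';']
        depth += {'{': 1, '}': -1}.get(tok, 0)
    return out

def audit(conf_text):
    """Map each scope to its effective settings; views inherit from options."""
    found = dict((s, settings(b)) for s, b in top_level_blocks(tokenize(conf_text)))
    base = {'recursion': 'yes', **found.pop('options', {})}  # BIND default: yes
    return {s: {**base, **v} for s, v in found.items()} or {'options': base}
```

Calling `audit(open('/etc/named.conf').read())` on a server lists every scope; any scope reporting `recursion: yes` is acting as a resolver and is worth reviewing against the advisory.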
     
  3. jhawkins002

    jhawkins002 Member

    Thanks for the update Anne - this is excellent information!
     
  4. Vliegtuig

    Vliegtuig Well-Known Member

    Our BIND server actually seems to have crashed tonight. Woke up to dozens of reports and incoming calls. We have never experienced problems with BIND before, so I doubt this is a coincidence.

    BIND version: BIND 9.3.6-P1-RedHat-9.3.6-16.P1.el5_7.1
    OS: CentOS release 5.7 (Final)
    Kernel (patched via Uptrack): 2.6.18-274.7.1.el5

    The following was seen in my log:

    Restarting named 'solved' the problem.
     