Remote unprivileged users may cause named(1M) to ultimately return incorrect addresses for Internet hosts thereby redirecting end users to unintended hosts and or services.

This issue is also referenced in the following documents:

• CVE-2007-2926 (CERT-US VU#553201) at: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926
• Internet Systems Consortium Security bulletin at:  http://www.isc.org/sw/bind/bind-security.php

This issue can occur in the following releases:

SPARC Platform

• Solaris 10 without patch 119783-05

x86 Platform

• Solaris 10 without patch 119784-05

Note: Solaris 8 and Solaris 9 are not impacted by this issue.

Only systems with the BIND named(1M) service enabled are impacted by this issue. To verify if the DNS service instance is enabled under smf(5), use the svcs(1) command as follows:

    $ svcs -l svc:/network/dns/server:default | grep enabled
    enabled      true

There are no reliable symptoms that would indicate the described issue has occurred.

There is no workaround.  Please see the Resolution section below.

This issue is addressed in the following releases:

SPARC Platform

• Solaris 10 with patch 119783-05 or later

x86 Platform

• Solaris 10 with patch 119784-05 or later

Note: The resolution provides BIND 9.3.4-P1 as provided by the custodians of BIND; the Internet Systems Consortium (ISC).

After the patch has been installed, it is recommended that BIND administrators familiarize themselves with the "/usr/share/doc/bind/migration.txt" document.

Further information on BIND 9.3 is available in the BIND 9.3 Advanced Reference Manual (ARM) available on the ISC web site at:

• http://www.isc.org/sw/bind/arm93/index.php

• Updated Relif/Workaround section

• State: Resolved
• Updated Contributing Factors, Relief/Workaround, and Resolution sections.

• Updated Resolution section

This solution has no attachment