Issues the date: 2008-09-09
Renewal date: 2008-09-12
Is affected the system:
Apple Bonjour for Windows 1.0.4
Not affected system:
Apple Bonjour for Windows 1.0.5
Description:
--------------------------------------------------------------------------------
BUGTRAQ ID: 31093
CVE(CAN) ID: CVE-2008-3630
Bonjour is also called zero disposition networking, permits in the automatic discovery IP network the computer, the equipment and the service.
The user may use Bonjour API to issue traditional the unicast DNS inquiry. In the DNS agreement's crack allows long-distance aggressor forge DNS to respond, if like this has the application procedure to use Bonjour for Windows issue unicast DNS, possibly receives the forge information.
<* origin: Apple
Link: http://secunia.com/advisories/31822/
http://support.apple.com/kb/HT2990
*>
Suggested:
--------------------------------------------------------------------------------
Manufacturer patch:
Apple
-----
At present the manufacturer had already issued the promotion patch repairs this security problem, welcome to manufacturer main page downloading:
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=21079&cat=59&platform=osx&method=sa/BonjourSetup.exe
|