My Favorites


Please to see your favorites.

  • Bookmark
  • Email Document
  • Printer Friendly
  • Favorite
  • Rating:

Status of CVE-2008-1447 - Multiple DNS implementations vulnerable to cache poisoning

This document (7000912) is provided subject to the disclaimer at the end of this document.


Novell NetWare
Novell openSUSE
Novell SUSE Linux Enterprise
Novell Open Enterprise Server (NetWare based)
Novell Open Enterprise Server (Linux based)



On July 8th, 2008, CERT released Vulnerability Note VU#800113 regarding deficiencies in the DNS protocol and common DNS implementations that facilitate DNS cache poisoning attacks. The Common Vulnerabilities and Exposures (CVE) identifier for this issue is CVE-2008-1447.

Status - BIND packages on Linux (Last updated: 2008-07-11)

The BIND packages in Novell's Linux products were affected by this issue. Fixed packages have been released for SLES10 SP2, SLES10 SP1, SLES9 as well as for openSUSE 11.0, 10.3 and 10.2.

Status - novell-bind packages on OES2 (Last updated: 2008-07-26)

Open Enterprise Server 2 includes novell-bind which provides an eDirectory-integrated DNS server. Fixes for this issue were release July 25th, 2008, in novell-bind-9.3.2-52.3.i586.rpm& novell-bind-9.3.2-52.3.x86_64.rpm

Status - NetWare (Last updated: 2008-07-26)

Novell has identified that NetWare (all versions) is susceptible to the DNS cache poisoning security flaw. Fixes for this issue were included in named.nlm released July 25th, 2008.


Security Alert
Top Issue


This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7000912
  • Creation Date:10-JUL-08
  • Modified Date:08-NOV-12
    • NovellNetWare
      Open Enterprise Server
    • SUSESUSE Linux Enterprise Server
< Back to Support Search

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

Join Our Community

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.

SUSE Customer Support Quick Reference Guide SUSE Technical Support Handbook Update Advisories
Support FAQ

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.

Go to Customer Center