CVE-2019-11477

New Member
Posts: 4

Hi,

There are good reasons to believe that NIOS, being built on Linux, is susceptible to, among others, CVE-2019-11477, the selective ACK kernel panic vulnerability recently disclosed by Netflix. I got the mail today about KB 2899: security alerts being recently updated, but nothing about this SACK panic "feature".

- Anyone got any news on this?
- Anyone tested an appliance against it?

Netflix advisory: https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md

RedHat advisory: https://access.redhat.com/security/vulnerabilities/tcpsack

BR,

Re: CVE-2019-11477

Expert
Posts: 70

KB 10615 posted yesterday for NIOS 8.4.0-8.4.3.  Hotfix available for 8.4.3.

https://support.infoblox.com/app/answers/detail/a_id/10615

Re: CVE-2019-11477

New Member
Posts: 4

No cookie. That hotfix addresses CVE-2019-6471, not CVE-2019-11477.

BR,

Re: CVE-2019-11477

Expert
Posts: 70

Sorry, I read it too fast... Yesterday I heard from someone on the NetMRI team that NetMRI is not affected and that a KB would be posted today, as soon as the NIOS one was posted. So expect it soon.

Re: CVE-2019-11477

New Member
Posts: 4

The vulnerability notice, with associated hotfix and instruction, was made available some 20 hours ago: https://support.infoblox.com/app/answers/detail/a_id/10622

Re: CVE-2019-11477

New Member
Posts: 1

Hi,

Applied this hotfix on a test Grid, worked fine.

No effect on DNS Service at all.

Thanks,

Fredrik

Re: CVE-2019-11477

New Member
Posts: 4

Thank you. Good to know it was a smooth process.