Support Headlines

Nortel has released a bulletin to provide guidance for multiple vendor fixes, where applicable, to the BIND/DNS Cache Poisoning attach described in CVE-2008-1447 (aka: “DNS Insufficient Socket Entropy Vulnerability” or “the Kaminsky bug.”).  This bulletin is intended to work in concert with Nortel’s response to MS08-037 which we have previously alerted our customers to.(Citation 1)  (Citation 2)  (Citation 3)

•   Nortel BIND/DNS Bulletin - 28 August 2008 (25.5 KiB)
  You need to log in to download this file.

This bulletin announces that the following products are not vulnerable to the DNS Cache Poisoning vulnerability.

• Enterprise VoIP Products: CS1000M Chassis/Cabinet, CS1000S
• Meridian-1 Products: Option 11C - Cabinet, Option 11C - Chassis, Option 51C, Option 61C, Option 81C.
• Ethernet Routing Switch 8661
• VPN Gateway 3050 and 3070
• BCM50

The following products are announced as vulnerable in this document/revision (see previous post citations above for previous announcements):

• BCM200 Release 4.0 and SRG 1.5 (Based on BCM Release 4.0)

NOTE: Nortel indicates that they will release a BCM specific patch to address this vulnerability.