Important Security Patch Released for BlueCat DNS/DHCP Software

2019-04-25

Bluecat har idag släppt en hotfix för sin DNS/DHCP-mjukvara som åtgärdar en sårbarhet som upptäckts i CVE-2018-5743.
Hotfixen är tillgänglig för version 9.0.0, v.8.3.x och 8.2.0.

Bluecat rekommenderar att man planerar in ett servicefönster och så snart som möjligt installerar hotfixen. För mer information och möjlighet att ladda ner uppdateringarna så krävs ett inloggningskonto hos Bluecats Care Online: https://care.bluecatnetworks.com/a8B1W000000PlHRUA0

Om ni saknar konto så hör av er till Certezza support så kan vi bistå med hotfixen och installationsanvisningarna.

support@certezza.net eller 08-791 92 00

*********************************************************************

Earlier today, ISC has announced three security vulnerabilities; links to each are provided in the article referenced below in this email. BlueCat has reviewed the vulnerabilities and is only affected by CVE-2018-5743.

A hotfix has now been released for v9.0.0, v8.3.x and 8.2.0 to address the security vulnerability described in CVE-2018-5743.

  • CVE-2018-5743: DNS service fails to limit simultaneous TCP connections.

BlueCat strongly advises customers to apply the appropriate hotfix during a controlled or planned outage. Customers should schedule a maintenance window during non-peak times in order to minimize the effects of this interruption.

For more information, please review the following article:
https://care.bluecatnetworks.com/a8B1W000000PlHRUA0

Patches are available now for v9.0.0, v8.3.x and v8.2.0. For questions or concerns, please contact Customer Success via the following: