Flashes, Announcements, Releases, and FAQs are provided for your ready reference in the tabs below.
Click the links below to read the content of each security flash.
Additional details and access to security patches are available within SupportCenter.
On February 8, 2012, the Internet Systems Consortium (ISC) announced vulnerabilities in their DNS server as CVE-2012-1033. With targeted queries sent to DNS resolvers, you can prevent a DNS resolver from expiring NS records of delegated domain NS record even after the delegated data has been deleted from the domain registry and after the TTL associated with entry supposedly expires.
For more details regarding the Infoblox response, please login to the SupportCenter website.
On January 12, 2012, the Internet Systems Consortium (ISC) announced vulnerabilities in their DHCP server, CVE-2011-4868, when configured to deliver IPv6-based leases. Improper handling of dynamic DNS information can cause a segmentation fault in ISC DHCP servers using both IPv6 and dynamic DNS. This segmentation would result in a denial of service to clients.
Infoblox NIOS is not vulnerable because of additional validation that Infoblox added to the DHCP code. The patch to ISC DHCP version 4.2.2 is available on the ISC web site contains two unrelated (non-security) fixes that resolve dynamic DNS update problems. Infoblox had previously discovered and fixed those problems, but to be consistent with ISC, Infoblox will provide a patch that aligns the Infoblox product with the ISC code.
On November 16, 2011 the Internet Systems Consortium (ISC) announced a vulnerability in their DNS server, CVE-2011-4313. All supported NIOS releases are impacted by this defect if NIOS is deployed as a recursive DNS server. When the server experiences the problem, DNS service will exit with the following message: "INSIST(!dns_rdataset_isassociated(sigrdataset))". However the NIOS monitoring process automatically restarts the DNS service after it detects the failure. NIOS monitoring helps to recover services automatically, but Infoblox recommends customers upgrade once patches are available.
As of November 16, 2011, Infoblox has released patches to address CVE-4313-2011.
On August 10, 2011 the Internet Systems Consortium (ISC) announced vulnerabilities in their DHCP server, CVE-2011-2748 and CVE-2749-2011. Some versions of Infoblox NIOS are vulnerable to both issues. A defect in the affected DHCP server versions allows an attacker to remotely cause the "dhcpd" process to exit using a specially crafted packet.
To exploit the vulnerability a remote attacker could send the specially crafted packet directly to an Infoblox appliance running a vulnerable version of DHCP. Infoblox systems with the DHCP service disabled are not vulnerable to this exploit.
Infoblox has released NIOS versions to address both issues. This update to Infoblox NIOS will properly discard or process the specially crafted packet. If you are not already running one of the following NIOS updates then you should update as soon as possible: 6.2.1, 6.1.4, 5.1r5-0, 5.1r4-6, and 4.3r8-5.
On July 5, 2011 the Internet Systems Consortium (ISC) announced vulnerabilities in BIND 9, CVE-2011-2464 and CVE-2011-2465. Infoblox NIOS is only vulnerable to CVE-2464-2011. A defect in the affected BIND 9 versions allows an attacker to remotely cause the "named" process to exit using a specially crafted packet. This defect affects both recursive and authoritative servers. The code location of the defect makes it impossible to protect BIND using ACLs configured within named.conf or by disabling any features at compile-time or run-time. A remote attacker would need to be able to send a specially crafted packet directly to a server running a vulnerable version of BIND. There is also the potential for an indirect attack via malware that is inadvertently installed and run, where infected machines have direct access to an organization's nameservers.
Infoblox has released patches to address CVE-2464-2011. The following NIOS updates should be deployed as soon as possible: 6.1.3, 6.0.7, 5.1r4-4, or 5.1r3-10.
World IPv6 Day is June 8, 2011. For 24 hours, major web sites, including Google, Yahoo! and Facebook will add AAAA records to their primary domain names (e.g., www.google.com), thereby advertising IPv6 addresses for those web sites.
How will that affect you? It probably won't. Most Internet users don't have IPv6 connectivity, so their computers won't attempt to connect to the IPv6 addresses of those web sites. The minority of Internet users who do have IPv6 connectivity will be able to reach those web sites using IPv6.
However, a small percentage of users, estimated at .05% to .078% of the Internet's population, run on computers that think they have IPv6 connectivity but really don't. When those users try to access these web sites, their computers will attempt to connect to the web servers over IPv6 but will fail. After a timeout, they'll fall back to IPv4. Those timeouts can be quite long, though: from 20 to 180 seconds per connection. Therefore, those users may think that the web site is down, or that they're experiencing a network or DNS problem.
On May 26, 2011, the Internet Systems Consortium (ISC) announced a vulnerability in BIND 9, CVE-2011-1910, that could allow a malicious party to crash the BIND name server set up to be a caching resolver. This issue can be exploited by querying a domain with very large resource records sets (RRSets) with the BIND 9 server attempting to negatively cache a response.
Infoblox has released patches to address this vulnerability. The following NIOS updates should be deployed as soon as possible: 6.1.1, 6.0.6, 5.1r4-3, 5.1r3-9, or 4.3r8-3.
On May 5, 2011, the Internet Systems Consortium announced a vulnerability in BIND version 9.8, CVE-2011-1907, that could allow a malicious party to crash the BIND name server by querying it for RRSIG records in a Response Policy Zone.
Infoblox has reviewed this vulnerability and determined that our product is not affected by it.
The new features/capabilities include:
Q: I am a new Infoblox customer. How do I get a user account on the Infoblox support web?
A: Welcome to Infoblox. In order to get a userid established, you need to fill out the user registration form available at Support Center Login page. You will need to enter an Infoblox Support ID to register as a user . Once Infoblox receives your completed request, we will establish your user credentials and contact you within 1 business day with the access information.
Q: I am a new Infoblox customer. How do I find Infoblox Support ID to register a new user?
A: You can find Infoblox Support ID in shipping confirmation email sent by Infoblox during inital purchase of Infoblox products. If there is a registered user within your orgarnization , you can also locate Infoblox Support ID in Infoblox iSupport site. Once you login to Infoblox Support Center, you will find Infoblox Support ID under welcome message on the left side of the window.
Q: How should I log a support issue?
A: There are multiple ways in which you can contact Infoblox support including by phone, the support web portal, and by email.
Q: Where can I find information on your support offerings?
A: Information regarding our support offerings can be obtained from Maintenance Packages page in Support web portal.
Q: How do I renew my support contract?
A: Support renewals are administered by the reseller from which you purchased your Infoblox products, or through an Infoblox sales representative if you purchased your product directly from Infoblox. If you would like more information or need assistance regarding support contract renewals, please send email to renewals@infoblox.com and we will get back to you promptly.
Q: How do I know if my support contract is valid?
A: You can verify your support status on Infoblox iSupport site. Login to Infoblox Support Center, go to iSupport Portal site, and click on Account tab to by view support contract.
Q: Does your support contract cover advanced replacement of hardware should a hardware failure occur?
A: Yes, the premium support contract provides advance replacement of hardware for hardware related failures. More details are available in the program descriptions.
Q: What are the support hours of operation?
A: Premium Maintenance Contract Customers: Phone support on a 24x7x365 days basis for all P1 issues. Priority 2 issues and lower are responded to during our normal business hours from 6:00 AM to 6:00 PM, M-F, Pacific Standard Time.
Q: How do I return my defective unit after I have been issued an RMA?
A:Once you have received the RMA replacement, please ship the defective unit back to us. Complete and return with this unit an Infoblox RMA Return Instructions form (either domestic or international), which can be found at the following links:
US RMA return instructions
International RMA return instructions
Q: How do I return an Infoblox appliance after my evaluation has been completed?
A: An RMA number is required before returning any evaluation unit. RMA Number is same as the order number noted on the packing slip and pre-paid UPS label is located in the power cord(s) box. If you need a UPS Label or UPS pick-up, please fill out Eval Return Form.
Q: Is Infoblox WEEE Compliant?
A: Infoblox is in the processes of setting up and administering a product recyling program per the WEEE Directive. If you reside in any European country and you intend on disposing of any Infoblox products please contact the Director of Operations for instructions on proper disposal. Please call 1-408-625-4200 for more information.
Q: How do I log a Support case?
A: In order to log a support case through Infoblox Support Center, you will first need to establish an account on the Infoblox Support Center. Once you have a valid account and have logged in, click on the Infoblox iSupport Portal "Learn More" button on the Support Center page. Then, click on "Create service request " in the Support Resources window. Enter the information that is requested and finally click "submit" to log your support case. For detail instructions on creating a case, please refer to "Managing User Cases" section in Infoblox Suport Center User Guide.
Q: What is Infoblox Support Center?
A: Infoblox Support Center is the new Infoblox support web portal that allows customers to manage their support cases, search an integrated knowledge base, download latest releases or support packs, and access technical documentations. Please click here for instructions on using tools in Infoblox Support Center.
Q: Do you offer professional services or product training?
A: Yes, Infoblox offers customized training programs and professional services to meet the needs of our customers. You can obtain more information on training options by sending mail to training@infoblox.com and professional services by sending email to profsvcs@infoblox.com.
Q: What's in Support Packs?
A: Support Packs contain scripts and general help files to help guide you through the installation, configuration, and administration of your Infoblox appliance. Support packs are often updated to represent newer functionality, so please download the appropriate version of the support pack to match your installed version of software.
Q: How do I download Support Packs?
A: Once you log into Support Center, click on the "Downloads" link on the left side of window. Download the version that is closest to the version of software that you are running. For example, download DNSone v3.1r5 Support Pack, if you are running v3.1r6.
