BlueCat Networks Customers Protected from Recent DHCP Vulnerability
Toronto, Canada – December 15, 2011 – BlueCat Networks, the IPAM Intelligence™ company, recently announced the availability of a patch for its appliance-based DNS and DHCP software solutions that addresses the latest DHCP vulnerability publicized by the Internet Systems Consortium (ISC). BlueCat Networks discovered the vulnerability and was prepared to immediately provide patches to its customers on the same day as the ISC’s public release.
Working with a client, BlueCat Networks was instrumental in identifying and reporting the vulnerability (CVE-2011-4539) to the ISC. The vulnerability found by BlueCat Networks relates to a bug in the DHCP software which could allow an attacker to remotely crash a DHCP server in a Denial of Service (DoS) attack. After discovering the issue, BlueCat Networks worked with the ISC to test and verify a fix to address the vulnerability. BlueCat Networks’ proactive response demonstrates its commitment to security and providing timely patches to critical security vulnerabilities that could put organizations at risk.
“ISC is very appreciative of BlueCat Networks for its efforts in finding and testing this DHCP issue,” said Barry Greene, President of ISC. “We are committed to identifying and rapidly addressing any security vulnerabilities and look to partners like BlueCat Networks to assist us in meeting the security requirements of our customers and the Internet community at large using our Phased Disclosure Process.”
“Our customers depend on our solutions to deliver business-critical DNS and DHCP core networks services,” said Branko Miskov, Director of Product Management, BlueCat Networks. “Security is a primary focus of our organization and we have a long history of being first to market with patches to address vulnerabilities as they arise. As an early adopter and member of ISC’s ‘Friends of ISC’ program, we are one of only a handful of vendors that work directly with ISC to ensure the ongoing reliability and feature richness of BIND and DHCP.”
Providing a purpose-built platform for DNS, DHCP and IP Address Management, BlueCat Networks solutions include highly secure software that is updated regularly to address new vulnerabilities. With BlueCat Networks’ simple solutions, there is no need for customers to spend time and effort monitoring security vulnerability and OS patches.
Deployed at some of the most demanding and secure organizations in the world, BlueCat Networks’ physical and virtual appliances help public and private sector organizations improve security, lower costs and increase IT efficiency. BlueCat Networks’ solutions also allow organizations to securely manage change and growth with unsurpassed scalability and future-ready support for IPv6 and DNSSEC.
BlueCat Networks customers can download patches for all supported software versions on the Care customer support site.
Internet Systems Consortium (ISC) is a non‐profit 501(c)(3) public benefit corporation widely known for world‐class Internet software engineering and network operations. Its founders include key Internet pioneers Rick Adams, Paul Vixie, and Carl Malamud with other key Internet luminaries, Dave Farber, Stephen Wolff and Fred Baker serving on its Board.
ISC software, of which BIND and ISC DHCP are the two best‐known examples, is always Open Source. Our passion is Internet core technology. Our widely‐imitated Managed Open Source process ensures the quality of our software while keeping it completely open and available. ISC operates high‐reliability global networks of DNS root servers (F‐root) and authoritative DNS servers (SNS@ISC) both for non‐profit and commercial enterprises. ISC continues to be involved in Internet protocol and standards development, particularly in the areas of DNSSEC and IPv6. ISC is supported by donations from generous sponsors, by program membership fees, and by specific fees for services. For program or donation information, please visit our website at http://www.isc.org.
About BlueCat Networks
BlueCat Networks is a leading provider of smart, simple, scalable IP Address Management (IPAM) solutions. With tightly-integrated IP core services, our software solutions give organizations the power to centrally manage “everything IP” in their network from a single pane of glass. The result is a dynamic network that is more resilient, cost effective and easier to manage.
BlueCat Networks’ feature-rich and future-ready solutions have helped Global 2000 companies and government agencies reduce costs and solve today’s most critical IT challenges – from accelerating the rollout of new services to data center virtualization and cloud computing. We also help organizations manage growth and change by easing the transition to new technologies such as IPv6 and DNSSEC. For more information, visit https://bluecatnetworks.com.
Proteus, Adonis, IPAM Intelligence, IPAM for Everyone and BlueCat Networks are trademarks of BlueCat Networks, Inc. and/or BlueCat Networks (USA) Inc. Other products mentioned herein may be trademarks and/or registered trademarks of their respective owners.
Customer situation brief on SUNBURST/Solorigate
Learn more about the attack via the SolarWinds Orion platform and how BlueCat products use DNS to help protect customers against compromises like it.
On the road to platform hardening, consider a STIG
Security Technical Implementation Guides standardize security configuration on networks, servers, and devices. BlueCat uses them and you can, too.
IT pros debate: Who should own DNS in the cloud?
Six networking pros dig into who should own DNS in the cloud during the third Critical Conversation on Critical Infrastructure hosted in Network VIP.
Flexibility and security can co-exist for the Red Cross
American Red Cross CISO Vikas Mahajan discusses flexible security strategies for front-line operations and his roadmap for moving toward a SASE model.