[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[linux-security] bind 9 vulnerable to DoS attacks
- To: linux-security
- Subject: [linux-security] bind 9 vulnerable to DoS attacks
- From: Martin Siegert <siegert@sfu.ca>
- Date: Tue, 4 Jun 2002 18:39:44 -0700
- User-Agent: Mutt/1.2.5.1i
Topic
=====
Version 9 of the bind name service daemon prior to version 9.2.1 contain
a denial of service vulnerability.
Problem Description
===================
BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols. Versions of BIND 9 prior to 9.2.1 have a bug
that causes certain requests to the BIND name server (named) to fail an
internal consistency check, causing the name server to stop responding to
requests. This can be used by a remote attacker to cause a denial of
service (DOS) attack against name servers. A Cert advisory on the topic
was released today (June 4, 2002).
Affected Systems
================
Domain Name System (DNS) servers running ISC BIND 9 prior to 9.2.1.
According to the Cert Advisory affected are:
- Mandrake Linux 8.x
- RedHat Linux 7.1, 7.2, 7.3
- SuSE Linux
not affected is Caldera OpenLinux
The Cert advisory did not provide information for Debian, but to my
knowledge Debian is running bind version 8 and is therefore not
vulnerable (please check).
Solution
--------
RedHat 7.1
----------
rpm -Fvh bind-9.2.1-0.70.i386.rpm bind-devel-9.2.1-0.70.i386.rpm \
bind-utils-9.2.1-0.70.i386.rpm
RedHat 7.2, 7.3
---------------
rpm -Fvh bind-9.2.1-0.7x.i386.rpm bind-devel-9.2.1-0.7x.i386.rpm \
bind-utils-9.2.1-0.7x.i386.rpm
Mandrake 8.0
------------
rpm -Fvh bind-9.2.1-1.3mdk.i586.rpm \
bind-devel-9.2.1-1.3mdk.i586.rpm \
bind-utils-9.2.1-1.3mdk.i586.rpm
Mandrake 8.1, 8.2
-----------------
rpm -Fvh bind-9.2.1-1.1mdk.i586.rpm \
bind-devel-9.2.1-1.1mdk.i586.rpm \
bind-utils-9.2.1-1.1mdk.i586.rpm