Bind Security Vulnerabilities Roundup
by Berislav Kucan - last update: 21 November 2002
1) Original advisory on this topic

2) Vendor response (Internet Software Consortium)

3) Security advisories by Linux vendors

4) Additional information




Original advisory on this topic

Brief description: ISS X-Force has discovered several serious vulnerabilities in the Berkeley Internet Name Domain Server (BIND). BIND is the most common implementation of the DNS (Domain Name Service) protocol, which is used on the vast majority of DNS servers on the Internet. DNS is a vital Internet protocol that maintains a database of easy-to-remember domain names (host names) and their corresponding numerical IP addresses.

Vulnerability descriptions can be seen from the ISS X-Force advisory:

http://www.net-security.org/vuln.php?id=2215

Affected Versions:

BIND SIG Cached RR Overflow Vulnerability

BIND 8, versions up to and including 8.3.3-REL

BIND 4, versions up to and including 4.9.10-REL

BIND OPT Denial of Service Vulnerability

BIND 8, versions 8.3.0 up to and including 8.3.3-REL

BIND SIG Expiry Time Denial of Service Vulnerability

BIND 8, versions up to and including 8.3.3-REL




Vendor response (Internet Software Consortium)

Name: "BIND: Remote Execution of Code"

Versions affected: BIND 4.9.5 to 4.9.10

BIND 8.1, 8.2 to 8.2.6, 8.3.0 to 8.3.3

Severity: SERIOUS

Exploitable: Remotely

Type: Possibility to execute arbitrary code.

Description:

When constructing a response containing SIG records a incorrect space allows a write buffer overflow. It is then possible to execute code with the privileges of named.

Workarounds:

Disable recursion if possible.

Patches:

BIND 8.3.3 -
bind833.diff

BIND 8.2.6 - bind826.diff

BIND 4.9.10 - bind4910.diff




CERT Advisory

CERT Advisory CA-2002-31 - Multiple Vulnerabilities in BIND

http://www.net-security.org/advisory.php?id=1277




Security advisories by Linux vendors

FreeBSD (FreeBSD-SA-02:43.bind)

http://www.net-security.org/advisory.php?id=1270

(see "Additional Information" section for changed patching steps)

FreeBSD (FreeBSD-SA-02:43.bind - revised)

http://www.net-security.org/advisory.php?id=1293

(this is the revised FreeBSD advisory that fixes the patching steps mentioned above)

Engarde Secure Linux (ESA-20021114-029)

http://www.net-security.org/advisory.php?id=1273

SuSE Linux (SuSE-SA:2002:044)

http://www.net-security.org/advisory.php?id=1278

Red Hat Linux (Security Alert)

http://www.net-security.org/advisory.php?id=1279

Conectiva Linux (CLA-2002:546)

http://www.net-security.org/advisory.php?id=1280

Spotlight

Successful strategies to avoid frequent password changes

Posted on 19 August 2014.  |  After a widespread, nonspecific data breach, the conventional wisdom is that people should change all their passwords. But, there’s a better way.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Aug 20th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //