1) Original advisory on this topic

2) Vendor response (Internet Software Consortium)

3) Security advisories by Linux vendors

4) Additional information




Original advisory on this topic

Brief description: ISS X-Force has discovered several serious vulnerabilities in the Berkeley Internet Name Domain Server (BIND). BIND is the most common implementation of the DNS (Domain Name Service) protocol, which is used on the vast majority of DNS servers on the Internet. DNS is a vital Internet protocol that maintains a database of easy-to-remember domain names (host names) and their corresponding numerical IP addresses.

Vulnerability descriptions can be seen from the ISS X-Force advisory:

http://www.net-security.org/vuln.php?id=2215

Affected Versions:

BIND SIG Cached RR Overflow Vulnerability

BIND 8, versions up to and including 8.3.3-REL

BIND 4, versions up to and including 4.9.10-REL

BIND OPT Denial of Service Vulnerability

BIND 8, versions 8.3.0 up to and including 8.3.3-REL

BIND SIG Expiry Time Denial of Service Vulnerability

BIND 8, versions up to and including 8.3.3-REL

Vendor response (Internet Software Consortium)

Name: "BIND: Remote Execution of Code"

Versions affected: BIND 4.9.5 to 4.9.10

BIND 8.1, 8.2 to 8.2.6, 8.3.0 to 8.3.3

Severity: SERIOUS

Exploitable: Remotely

Type: Possibility to execute arbitrary code.

Description:

When constructing a response containing SIG records a incorrect space allows a write buffer overflow. It is then possible to execute code with the privileges of named.

Workarounds:

Disable recursion if possible.

Patches:

BIND 8.3.3 - bind833.diff

BIND 8.2.6 - bind826.diff

BIND 4.9.10 - bind4910.diff




CERT Advisory

CERT Advisory CA-2002-31 - Multiple Vulnerabilities in BIND

http://www.net-security.org/advisory.php?id=1277




Security advisories by Linux vendors

FreeBSD (FreeBSD-SA-02:43.bind)

http://www.net-security.org/advisory.php?id=1270

(see "Additional Information" section for changed patching steps)