[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: BIND 8.2.2-P5 Possible DOS

To: BUGTRAQ@SECURITYFOCUS.COM
Subject: Re: BIND 8.2.2-P5 Possible DOS
From: Jeroen Ruigrok/Asmodai <asmodai@FREEBSD.ORG>
Date: Wed, 8 Nov 2000 21:59:51 +0100

-On [20001108 19:01], Fabio Pietrosanti (naif) (fabio@TELEMAIL.IT) wrote:
>playing with bind and ZXFR feature ( zone transfer compressed with a
>possible insecure execlp("gzip", "gzip", NULL); ), i discovered a
>Denial Of Service against Bind 8.2.2-P5 .

Data points:

FreeBSD 4-STABLE and 5-CURRENT with BIND 8.2.3-T5B and T6B plus aa_patch
and the described `DoS/exploit' will not work.  The logs show that it
got a zonetransfer type which was unsupported, but the named just keeps
on ticking.

Solaris with BIND 8.2.2-p5 has no problems as well.  And I am betting
money on it that BIND 8.2.2-p5 will not fail under FreeBSD as well.

Personally I think it will not cause problems on a lot of systems, aside
from spurious log entries.

However, there is always a chance of DoS'ing a nameserver with
zonetransfers.  But that falls outside the reported scope of the
mentioned special DoS/exploit using ZXFR's in conjunction with BIND.

--
Jeroen Ruigrok vd Werven/Asmodai    asmodai@[wxs.nl|bart.nl|freebsd.org]
Documentation nutter/C-rated Coder BSD: Technical excellence at its best
The BSD Programmer's Documentation Project <http://home.wxs.nl/~asmodai>
The fragrance always stays in the hand that gives the rose...

Prev by Date: Re: vlock vulnerability in RedHat 7.0
Next by Date: Re: BIND 8.2.2-P5 Possible DOS
Prev by thread: Re: BIND 8.2.2-P5 Possible DOS
Next by thread: Re: BIND 8.2.2-P5 Possible DOS
Index(es):
- Date
- Thread