[NBLUG/talk] [Fwd: Re: BIND 9.2.2 Vulnerabilities?]

ME dugan at passwall.com
Thu Mar 6 11:03:00 PST 2003


I posted before that ISC suggested an upgrade to 9.2.2 from 9.2.1, but
there were no posted serious vulnerabilities, and it was not considered an
urgent upgrade.

This recent post to BUGTRAQ suggests there may, at least, be a DoS against
BIND 9.2.1. Whether this is an exploitable hole is another issue.

---------------------------- Original Message ----------------------------
Subject: Re: BIND 9.2.2 Vulnerabilities?
From:    "Scott Wunsch" <bugtraq at tracking.wunsch.org>
Date:    Thu, March 6, 2003 7:43 am
To:      "John" <bugtraq at doomsday.com>
--------------------------------------------------------------------------
On Wed, 05-Mar-2003 at 15:46:41 -0600, John wrote:

> That was really what I was trying to get at. If there are
> vulnerabilities I don't think that they are being discussed in a manner
> that brings this to the attention of those of us who are running 9.2.1.
> It seems that the announcement was rather low-key and I stumbled
> across this information on the website almost by mistake.

I'm rather puzzled by it too :-).  Some days before the 9.2.2
release, my 9.2.1 nameserver was getting repeatedly killed (with an
assertion failure) by a stream of DNS queries over TCP from one of our
users.  Every time I restarted it, it would die again within a few
seconds. We "solved" the problem by blocking traffic from the customer who
was generating all the TCP queries.

I reported this to ISC, and was informed that this was fixed in 9.2.2rc1
(but my request for more details was ignored).

So, if nothing else, I consider 9.2.2 to be a fix for a denial of service
problem.

-- 
Take care,
Scott Wunsch

... Write all complaints in this box (in triplicate): []  Thank You!





