(FreeBSD Issues Fix) BIND 8 Negative Cache Poisoning May Cause Denial of Service Conditions
SecurityTracker Alert ID: 1008316
SecurityTracker URL: http://securitytracker.com/id/1008316
CVE Reference: CAN-2003-0914
Date: Nov 27 2003
Impact: Denial of service via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): 8.4.2 and prior versions
Description:
A vulnerability was reported in BIND 8. A remote user can introduce invalid DNS records to cause denial of service conditions.
It is reported that a remote user can conduct a cache poisoning attack by causing the target server to retain invalid negative responses. A temporary denial of service may occur until the invalid record expires from the cache.
No further details were provided.
Impact:
A remote user can cause denial of service conditions.
Solution:
FreeBSD has released a fix for the RELENG_5_1 and RELENG_4_9 security branches, and plans to release fixes for 4.7 and 4.8 shortly.
[FreeBSD -CURRENT, -STABLE, 4.9]
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-03:19/bind-836.patch
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-03:19/bind-836.patch.asc
[FreeBSD 5.1, 4.8]
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-03:19/bind-834.patch
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-03:19/bind-834.patch.asc
[FreeBSD 4.7, 4.6, 4.5, 4.4]
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-03:19/bind-833.patch
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-03:19/bind-833.patch.asc
Vendor URL: isc.org/products/BIND/
Cause: Input validation error
Underlying OS: UNIX (FreeBSD)
Message History:
This archive entry is a follow-up to the message listed below.
Source Message Contents
Date: Wed, 26 Nov 2003 19:11:30 -0600
Subject: HEADS-UP: BIND denial-of-service vulnerability
Hello Everyone,

ISC has released new versions of BIND 8 which address a remotely
exploitable denial-of-service vulnerability that may allow an attacker
to perform `negative cache poisoning'--- convincing a name server that
certain RRs do not exist (even though they may). I do not know of any
workaround at this time.

I have committed fixes to the RELENG_5_1 and RELENG_4_9 security
branches. Due to personal obligations this evening [*], I will
likely not update RELENG_4_8 and RELENG_4_7 until sometime tomorrow.
Likewise, the advisory will follow tomorrow. However, you can find
patches at the following URLs:
[FreeBSD -CURRENT, -STABLE, 4.9]
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-03:19/bind-836.patch
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-03:19/bind-836.patch.asc
[FreeBSD 5.1, 4.8]
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-03:19/bind-834.patch
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-03:19/bind-834.patch.asc
[FreeBSD 4.7, 4.6, 4.5, 4.4]
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-03:19/bind-833.patch
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-03:19/bind-833.patch.asc
(If you don't find them at ftp.freebsd.org, try ftp2.freebsd.org.)

I expect Doug Barton will upgrade BIND 8 in -STABLE and -CURRENT
tonight or tomorrow.

Cheers,
-- 
Jacques Vidrine NTT/Verio SME FreeBSD UNIX Heimdal
nectar@celabo.org jvidrine@verio.net nectar@freebsd.org nectar@kth.se

[*] Happy Thanksgiving to those celebrating it, by the way!
----- Forwarded message from Jacques Vidrine <nectar@FreeBSD.org> -----
Date: Wed, 26 Nov 2003 16:54:53 -0800 (PST)
From: Jacques Vidrine <nectar@FreeBSD.org>
To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
Subject: cvs commit: src UPDATING src/sys/conf newvers.sh src/contrib/bind
Version src/contrib/bind/bin/named ns_resp.c
Message-Id: <200311270054.hAR0srnr052777@repoman.freebsd.org>
nectar 2003/11/26 16:54:53 PST
FreeBSD src repository
Modified files: (Branch: RELENG_5_1)
. UPDATING
sys/conf newvers.sh
contrib/bind Version
contrib/bind/bin/named ns_resp.c
Log:
Correct a remote denial-of-service attack in named(8).
Revision Changes Path
1.251.2.13 +3 -0 src/UPDATING
1.1.1.11.2.1 +1 -1 src/contrib/bind/Version
1.1.1.11.2.1 +9 -3 src/contrib/bind/bin/named/ns_resp.c
1.50.2.13 +1 -1 src/sys/conf/newvers.sh
----- End forwarded message -----
----- Forwarded message from Jacques Vidrine <nectar@FreeBSD.org> -----
Date: Wed, 26 Nov 2003 16:56:06 -0800 (PST)
From: Jacques Vidrine <nectar@FreeBSD.org>
To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
Subject: cvs commit: src UPDATING src/sys/conf newvers.sh src/contrib/bind
Version src/contrib/bind/bin/named ns_resp.c
Message-Id: <200311270056.hAR0u62k052941@repoman.freebsd.org>
nectar 2003/11/26 16:56:06 PST
FreeBSD src repository
Modified files: (Branch: RELENG_4_9)
. UPDATING
sys/conf newvers.sh
contrib/bind Version
contrib/bind/bin/named ns_resp.c
Log:
Correct a remote denial-of-service attack in named(8).
Revision Changes Path
1.73.2.89.2.2 +12 -0 src/UPDATING
1.1.1.3.2.9.2.1 +1 -1 src/contrib/bind/Version
1.1.1.2.2.10.2.1 +9 -3 src/contrib/bind/bin/named/ns_resp.c
1.44.2.32.2.2 +1 -1 src/sys/conf/newvers.sh
----- End forwarded message -----