Bug 20546
Summary: | bind 8.2.2-P5 remote DoS | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | Daniel Roesen <dr> |
Component: | bind | Assignee: | Bernhard Rosenkraenzer <bero> |
Status: | CLOSED ERRATA | QA Contact: | Dale Lovelace <dale> |
Severity: | medium | Docs Contact: | |
Priority: | high | ||
Version: | 6.2 | CC: | bruce, jarno.huuskonen |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2000-11-10 09:37:14 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Daniel Roesen
2000-11-08 23:32:51 UTC
the recursive queried data must NOT be in cache or in a zone that bind is authoritative for. These queries are answered and DON'T kill bind. My now 100% reproducable testcase: - machine is called "foo.whatever.de". - local bind 8.2.2-P5, being authoritative for "whatever.de" - named being open to zone transfers and doing recursive resolving by himself - start named (==> empty caches) - try ZXFR for "whatever.de" - dig @localhost www.someelseoutthere.de A => crash For a trace, hook up on named via strace -p `cat /var/run/named.pid` before the recursive query. workaround for the moment: allow-transfer { trusted-hosts; }; News: "8.2.2-P7 will be available shortly". Answer from Mark.Andrews in response to my report to bind- bugs. The fix is to change: ./bin/named/ns_defs.h:#define STREAM_AXFRIXFR 0x22 to: ./bin/named/ns_defs.h:#define STREAM_AXFRIXFR 0x40 Info from Mark and looks right. bind 8.2.2-P7 is released 8.2.2-P7 has been built in our internal tree and is currently waiting for QA approval. OK, errata updates are out of the door, closing as RESOLVED/ERRATA. |