Bug 238398 (CVE-2007-2241) - CVE-2007-2241 bind remote DoS
Summary: CVE-2007-2241 bind remote DoS
Status: CLOSED NOTABUG
Alias: CVE-2007-2241
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
(Show other bugs)
Version: unspecified
Hardware: All Linux
high
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard: reported=20070430,public=20070430,imp...
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-04-30 08:33 UTC by Mark J. Cox
Modified: 2008-01-15 15:00 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-01-15 15:00:07 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Extracted patch from 9.4.1 (2.22 KB, patch)
2007-04-30 08:37 UTC, Mark J. Cox
no flags Details | Diff

Description Mark J. Cox 2007-04-30 08:33:05 UTC
Internet Systems Consortium Security Advisory.
                   BIND 9: query_addsoa DoS
                            30 April 2007

Versions affected:

        BIND 9.4.0
        BIND 9.5.0a1, 9.5.0a2, 9.5.0a3

        [BIND 9.5.0* have only been released to BIND Forum members]

Severity: High

Description:

        There are 2 query sequences which can cause a recursive nameserver
        to exit.

Workaround:

        Disable recursion if it is not required by your configuration.

                recursion no;

Fix:

        Upgrade to BIND 9.4.1 or BIND 9.5.0a4.

        Questions should be addressed to bind9-bugs@isc.org.

CVE:    CVE-2007-2241

Comment 2 Mark J. Cox 2007-04-30 08:37:25 UTC
Created attachment 153776 [details]
Extracted patch from 9.4.1

Comment 3 Josh Bressers 2007-04-30 19:48:45 UTC
According to ISC, this flaw only affects BIND 9.4.0 and above.

Comment 4 Mark J. Cox 2007-05-01 08:27:49 UTC
removing embargo, this is public now at        
http://www.isc.org/index.pl?/sw/bind/


Comment 5 Adam Tkac 2007-05-02 14:49:53 UTC
Only rawhide was affected. bind-*9.4.1-1.fc7 is invulnerable

-A-

Comment 6 Tomas Hoger 2008-01-15 15:00:07 UTC
Bind packages as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5 were not
affected by this issue.

Fedora packages were updated where needed as explained in comment #5.


Note You need to log in before you can comment on or make changes to this bug.