Bug 238398 - (CVE-2007-2241) CVE-2007-2241 bind remote DoS
Status: CLOSED NOTABUG
Product: Security Response
Classification: Other
Component: vulnerability
unspecified
All Linux
high Severity medium
Assigned To: Red Hat Product Security
reported=20070430,public=20070430,imp...
: Security
Reported: 2007-04-30 04:33 EDT by Mark J. Cox (Product Security)
Modified: 2008-01-15 10:00 EST
Doc Type: Bug Fix
Last Closed: 2008-01-15 10:00:07 EST

Attachments
Extracted patch from 9.4.1 (2.22 KB, patch)
2007-04-30 04:37 EDT, Mark J. Cox (Product Security)
Description Mark J. Cox (Product Security) 2007-04-30 04:33:05 EDT
Internet Systems Consortium Security Advisory.
                   BIND 9: query_addsoa DoS
                            30 April 2007

Versions affected:

        BIND 9.4.0
        BIND 9.5.0a1, 9.5.0a2, 9.5.0a3

        [BIND 9.5.0* have only been released to BIND Forum members]

Severity: High

Description:

        There are 2 query sequences which can cause a recursive nameserver
        to exit.

Workaround:

        Disable recursion if it is not required by your configuration.

                recursion no;

Fix:

        Upgrade to BIND 9.4.1 or BIND 9.5.0a4.

        Questions should be addressed to bind9-bugs@isc.org.

CVE:    CVE-2007-2241
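
An added example, not part of the bug report or the ISC advisory: a small audit check that combines the advisory's affected-version list with its `recursion no;` workaround. The function names and sample configurations are hypothetical; it assumes a version string such as `named -v` reports and the text of `named.conf` as input.

```python
import re

# Releases listed as affected in the advisory above.
AFFECTED = {"9.4.0", "9.5.0a1", "9.5.0a2", "9.5.0a3"}
TOKEN = re.compile(r'"(?:\\.|[^"\\])*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
RECURSION = re.compile(r'(?<![\w-])recursion\s+(yes|no|true|false|1|0)\s*;', re.I)

def strip_noise(conf):
    """Blank out comments and quoted strings so they cannot fake a match."""
    return TOKEN.sub(lambda m: '""' if m.group(0)[0] == '"' else " ", conf)

def options_block(clean):
    """Return the body of the top-level options { ... } block, or ''."""
    m = re.search(r'(?<![\w-])options\s*\{', clean)
    if not m:
        return ""
    depth, i = 1, m.end()
    while i < len(clean) and depth:
        depth += {"{": 1, "}": -1}.get(clean[i], 0)
        i += 1
    return clean[m.end():i - 1]

def recursion_off(conf):
    """Conservative rule (this example's assumption): options must say no, no view may say yes."""
    clean = strip_noise(conf)
    enabled = lambda v: v.lower() in ("yes", "true", "1")
    in_options = RECURSION.findall(options_block(clean))  # BIND defaults to yes if absent
    return bool(in_options) and not any(map(enabled, RECURSION.findall(clean)))

def assess(banner, conf):
    """Classify a server from its version banner and named.conf text."""
    m = re.search(r'\d+\.\d+\.\d+[0-9A-Za-z]*', banner)
    if not m or m.group(0) not in AFFECTED:
        return "version not listed in advisory"
    if recursion_off(conf):
        return "listed version, workaround applied"
    return "listed version, recursion enabled"

# Constructed sample configurations (not taken from the bug report).
SAMPLE_OPEN = """
options {
    directory "/var/named";
    // recursion no;   <- commented out, so the default (yes) applies
    allow-recursion { any; };
};
"""
SAMPLE_FIXED = 'options { directory "/var/named"; recursion no; /* workaround */ };'
SAMPLE_VIEW = SAMPLE_FIXED + ' view "internal" { recursion yes; };'
```

A "workaround applied" result only reflects the configuration file; the advisory's fix remains the upgrade to BIND 9.4.1 or 9.5.0a4.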
Comment 2 Mark J. Cox (Product Security) 2007-04-30 04:37:25 EDT
Created attachment 153776 [details]
Extracted patch from 9.4.1
Comment 3 Josh Bressers 2007-04-30 15:48:45 EDT
According to ISC, this flaw only affects BIND 9.4.0 and above.
Comment 4 Mark J. Cox (Product Security) 2007-05-01 04:27:49 EDT
Removing embargo, this is public now at http://www.isc.org/index.pl?/sw/bind/
Comment 5 Adam Tkac 2007-05-02 10:49:53 EDT
Only rawhide was affected. bind-*9.4.1-1.fc7 is invulnerable

-A-
Comment 6 Tomas Hoger 2008-01-15 10:00:07 EST
Bind packages as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5 were not
affected by this issue.

Fedora packages were updated where needed as explained in comment #5.
