Bug 4500 - Denial of Service - BIND or GLibC
Summary: Denial of Service - BIND or GLibC
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: bind
Version: 6.0
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Cristian Gafton
QA Contact:
: 4111 (view as bug list)
Depends On:
TreeView+ depends on / blocked
Reported: 1999-08-13 03:01 UTC by emolitor
Modified: 2008-05-01 15:37 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2000-01-06 21:11:59 UTC

Attachments (Terms of Use)

Description emolitor 1999-08-13 03:01:58 UTC
When running Bind 8.2.1 on Redhat 6.0 BIND locks up when
recieving an invalid zone transfer. The only solution is to
restart bind. An strace makes it appear that this might be a
glibc bug relating to the gettimeofday function, but it
could be anything. The fact is that it renders a DNS server

I emailed jturner a detailed message and a
confirmation by another individual on this problem.

                    -- OUTPUT FROM strace --

"\2471\1\0\0\1\0\0\0\0\0\0\00235\002"..., 513, 0,
{sin_family=AF_INET, sin_port=htons(1546),
[16]) = 43
"\2471\205\200\0\1\0\1\0\3\0\3\002"..., 207, 0,
{sin_family=AF_INET, sin_port=htons(1546),
                    sin_addr=inet_addr("")}, 16)
= 207
                    recvfrom(22, 0xbffff9a0, 513, 0,
0xbffffba4, 0xbffff98c) = -1 ECONNREFUSED (Connection
                    gettimeofday({934263570, 54725}, NULL)
= 0
                    readv(7, [{"\0\"", 2}], 1)
= 2
                    fcntl(7, F_GETFL)                      =
0x802 (flags O_RDWR|O_NONBLOCK) gettimeofday({934263570,
55682}, NULL)
                    = 0
                    fcntl(7, F_GETFL)                      =
0x802 (flags O_RDWR|O_NONBLOCK) gettimeofday({934263570,
56295}, NULL)
                    = 0
"\0\277\5[\204\200\0\1\0\1\0\3\0\3"..., 193) = 193 fcntl(8,
F_GETFL)                      = 0x802 (flags
                    O_RDWR|O_NONBLOCK) fcntl(8, F_GETFL)
                  = 0x802 (flags O_RDWR|O_NONBLOCK)
                    gettimeofday({934263570, 58175}, NULL)
= 0
                    readv(6, [{"\0\33", 2}], 1)            =
                    fcntl(6, F_GETFL)                      =
0x802 (flags O_RDWR|O_NONBLOCK) gettimeofday({934263570,
59138}, NULL)
                    = 0

                    -- OUTPUT from strace --

Comment 1 emolitor 1999-08-14 05:50:59 UTC
Probably also the cause of BUG 4111

Comment 2 Cristian Gafton 1999-09-17 11:36:59 UTC
*** Bug 4111 has been marked as a duplicate of this bug. ***

After upgrading from Redhat5.2 to Redhat6.0, bind started
having some serious problems.  Our nameserver, which handles
DNS for about 10,000 users and 800 domains, started
experiencing "brown outs", where it would just stop
responding.  The solution was to either wait a long time,
and it would correct itself, or restart named.

It is not reproducable at will, but it does happen at least
a few times a day, on our system with that load.  Also I
would notice that on many occasions bind would peg the cpu.

Moving the rawhide's bind fixed this problem.  Reason is
still unknown.

------- Additional Comments From jturner  07/20/99 13:36 -------
This issue has been submitted to developer for further action.

I think that we might want to consider releasing bind-8.2.1-3 as an
errata item, as it seems to fix a number of problems that people are
seeing in bind-8.2-6.

Comment 3 Cristian Gafton 1999-09-17 11:38:59 UTC
Does the bind from rawhide and/or Lorax fixes the problem?

------- Additional Comments From   09/30/99 02:05 -------
One the topic of bind 8.2.1, There are some serious bugs (according
to ISC) in BIND 8.2 and below that could allow someone access to root
privledges and/or cause Denial Of Service attacks.  There is not an
rpm on bind 8.2.1 yet is there?  And will the problem described by
emoliter exist in all releases of BIND 8.2.1?

I am trying to decide if I should upgrade my nameserver running 8.2
to 8.2.1 or if I should perhaps wait for 8.2.1a or something.  Please

------- Additional Comments From   09/30/99 02:08 -------
Correction to above.  I think I did not make it clear that the bugs
described by ISC in Bind 8.2 only effect bind 8.2.  They are fixed in
8.2.1.  I am just concerned about what to do because I have not seen
an rpm for bind 8.2.1.  My redhat 6.0 machine came with and is
currently using Bind 8.2

Comment 4 Aleksey Nogin 1999-11-26 18:47:59 UTC
Shouldn't this be marked as fixed in the errata?

Comment 5 Cristian Gafton 2000-01-06 21:11:59 UTC
The rpm fropm 6.1 fixes this. Also the rpms available through errata pages.

Note You need to log in before you can comment on or make changes to this bug.