Hide Forgot
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3a) Gecko/20021207 Phoenix/0.5 Description of problem: On our DNS server, bind v9.2.1 is easily crashed by running the Nessus vulnerability scanner with all tests (not only safe tests) selected. In testing, the named service crashed consistently each time it was tested. The service would either crash immediately or within 30 seconds. After downloading, compiling and installing BIND v9.2.2, the service no longer crashes. An upgrade RPM should be fairly trivial to produce. When configured and compiled with options matching the Red Hat 8.0 directory tree, I was able to upgrade without any changes to my BIND configuration. Version-Release number of selected component (if applicable): bind-utils-9.2.1-9 How reproducible: Always Steps to Reproduce: 1. Download and install the Nessus vulnerability scanner (nessus.org) 2. Run named v9.2.1 on RH8 (possibly other versions) 3. Run Nessus and select ALL tests 4. Select the IP of the DNS server and scan Actual Results: Named service crashes within 30 seconds. Expected Results: Nothing Additional info:
The bind-9.2.2 package is done but it is being held up from going to rawhide, because of some unrelated problems. Dan