Bug 98587 - redhat-7.3 bind-9.2.1-1.7x.2 vulnerable to buffer-overflow
redhat-7.3 bind-9.2.1-1.7x.2 vulnerable to buffer-overflow
Status: CLOSED NOTABUG
Product: Red Hat Linux
Classification: Retired
Component: bind (Show other bugs)
7.3
All Linux
high Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
http://www.isc.org/products/BIND/bind...
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-07-04 00:12 EDT by Colin Kong
Modified: 2007-03-27 00:07 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2003-07-04 09:00:34 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Colin Kong 2003-07-04 00:12:08 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 
1.0.3705)

Description of problem:
Hello Redhat,

I am using 7.3 and bind-9.2.1 which came with the system.  I ran nessus and it 
indicates that there is security issues with bind-9.2.1, is it possible that 
Redhat can issue an errata for that so that 7.3 can run bind-9.2.2?  Thanks.

Output from nessus:
The remote BIND 9 server, according to its
version number, is vulnerable to a buffer
overflow which may allow an attacker to
gain a shell on this host or to disable
this server.


Solution : upgrade to bind 9.2.2 or downgrade to the 8.x series
See also : http://www.isc.org/products/BIND/bind9.html
Risk factor : High

Thanks.
- Colin Kong

Version-Release number of selected component (if applicable):
redhat-7.3 bind-9.2.1-1.7x.2

How reproducible:
Always

Steps to Reproduce:
1. Install nessus.
2. Use the default settings of nessus to scan a redhat-7.3 system running bind 
9.2.1.
3. Read ``domain (53/tcp)'' section in the report output by nessus.
    

Additional info:
Comment 1 Mark J. Cox (Product Security) 2003-07-04 09:00:34 EDT
This is most likely a false positive that is triggered because we backport
security fixes without moving to new upstream versions of packages like bind. 
See https://www.redhat.com/advice/speaks_backport.html for some background about
this.

If Nessus gives you an associated CVE name, such as CAN-2002-0651 (which is most
likely the issue it is telling you about) you can search the Red Hat web site to
find out which update contained a fix for the issue.  (For CAN-2002-0651 it is
http://rhn.redhat.com/errata/RHSA-2002-133.html)

Note You need to log in before you can comment on or make changes to this bug.