Bind 8.2.3 dies....

Mark.Andrews at Mark.Andrews at
Thu Mar 15 22:09:06 UTC 2001

	Look at Versions affected, "and all 8.2.3-betas".

	Also please please please when you put a version in the subject
	make it complete.


Name: "tsig bug"

Versions affected:
	8.2, 8.2-P1, 8.2.1, 8.2.2-P1, 8.2.2-P2, 8.2.2-P3, 8.2.2-P4,
	8.2.2-P5, 8.2.2-P6, 8.2.2-P7, and all 8.2.3-betas
Severity: CRITICAL
Exploitable: Remotely
Type: Access possible.
	 It is possible to overflow a buffer handling TSIG signed
	 queries, thereby obtaining access to the system.
Workarounds: None. 
Active Exploits: Exploits for this bug exist. 

>         All,
>         Been having a problem with bind 8.2.3-T6B dying with either sig 10
> or 11 at random
> times. Not sure if this version is affected by the CERT advisory or not
> though. (Did not think
> it was) any ideas on this? I'm not planning a migration to bind 9.1.1 until
> things stabilize with it,
> so I need options on fixing this.
> Michael "Roadancer" Shoupe
> Network Security Manager
> PSINet Hosting Services
> 703-456-7666
> roadie at
Mark Andrews, Nominum Inc.
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at

More information about the bind-users mailing list