Bind 8.2.3 dies....
Mark.Andrews at nominum.com
Mark.Andrews at nominum.com
Thu Mar 15 22:09:06 UTC 2001
Look at Versions affected, "and all 8.2.3-betas".
Also please please please when you put a version in the subject
make it complete.
Mark
http://www.isc.org/products/BIND/bind-security.html
Name: "tsig bug"
Versions affected:
8.2, 8.2-P1, 8.2.1, 8.2.2-P1, 8.2.2-P2, 8.2.2-P3, 8.2.2-P4,
8.2.2-P5, 8.2.2-P6, 8.2.2-P7, and all 8.2.3-betas
Severity: CRITICAL
Exploitable: Remotely
Type: Access possible.
Description:
It is possible to overflow a buffer handling TSIG signed
queries, thereby obtaining access to the system.
Workarounds: None.
Active Exploits: Exploits for this bug exist.
Mark
>
> All,
>
> Been having a problem with bind 8.2.3-T6B dying with either sig 10
> or 11 at random
> times. Not sure if this version is affected by the CERT advisory or not
> though. (Did not think
> it was) any ideas on this? I'm not planning a migration to bind 9.1.1 until
> things stabilize with it,
> so I need options on fixing this.
>
> Michael "Roadancer" Shoupe
> Network Security Manager
> PSINet Hosting Services
> 703-456-7666
> roadie at psi.com
>
>
--
Mark Andrews, Nominum Inc.
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at nominum.com
More information about the bind-users
mailing list