Date: Thu, 09 Nov 2000 14:28:07 -0500 From: Bill Munger <dave@nrmail.com> To: freebsd-security@freebsd.org Subject: Re: DOS vulnerability in BIND 8.2.2-P5 Message-ID: <3A0AFAC7.E5A7D470@nrmail.com> References: <Pine.LNX.4.21.0011091126490.17328-100000@oxygen.americanisp.net>
next in thread | previous in thread | raw e-mail | index | archive | help
This DoS has no effect on my FreeBSD 4.1-RC2 machine running bind-8.2.2-P5. Bind was compiled from source retrieved from the ISC website, it is not the FreeBSD integrated version. All compile time options are the defaults. The only effect this attack had on the target machine was to place the following in the logs each time: Nov 9 13:14:18 hermes named[112]: approved ZXFR from [172.23.200.3].1602 for "zonehead.org" Nov 9 13:14:18 hermes named[112]: unsupported XFR (type ZXFR) of "zonehead.org" (IN) to [172.23.200.3].1602 The transfer is allowed by the "allow-transfer" directive, but ZXFR is unsupported, and named continues to function normally. Again, bind-8.2.2-P5 direct from ISC does not seem to be vulnerable in this configuration. That is all. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A0AFAC7.E5A7D470>