From owner-freebsd-security Mon Jun 1 08:12:50 1998
Return-Path:
Received: (from majordom@localhost)
        by hub.freebsd.org (8.8.8/8.8.8) id IAA22501
        for freebsd-security-outgoing; Mon, 1 Jun 1998 08:12:50 -0700 (PDT)
        (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from passer.osg.gov.bc.ca (passer.osg.gov.bc.ca [142.32.110.29])
        by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA22486
        for ; Mon, 1 Jun 1998 08:12:40 -0700 (PDT)
        (envelope-from cschuber@passer.osg.gov.bc.ca)
Received: (from uucp@localhost)
        by passer.osg.gov.bc.ca (8.9.0/8.6.10) id IAA29510;
        Mon, 1 Jun 1998 08:12:10 -0700 (PDT)
Message-Id: <199806011512.IAA29510@passer.osg.gov.bc.ca>
Received: from localhost(127.0.0.1), claiming to be "passer.osg.gov.bc.ca"
        via SMTP by localhost, id smtpdaaCzsa; Mon Jun 1 08:12:06 1998
X-Mailer: exmh version 2.0gamma 1/27/96
Reply-to: Cy Schubert - ITSD Open Systems Group
X-Sender: cschuber
To: Steve Reid
cc: freebsd-security@FreeBSD.ORG
Subject: Re: /usr/sbin/named
In-reply-to: Your message of "Sun, 31 May 1998 23:56:23 PDT."
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Mon, 01 Jun 1998 08:11:44 -0700
From: Cy Schubert - ITSD Open Systems Group
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Named under FreeBSD is not compiled with inverse query. Out-of-the-box
FreeBSD should be impervious to this attack.

Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Open Systems Group          Internet:  cschuber@uumail.gov.bc.ca
ITSD                                   Cy.Schubert@gems8.gov.bc.ca
Government of BC

> Is /usr/sbin/named as distributed with FreeBSD 2.2.6-RELEASE vulnerable
> to known exploits?
>
> Strings shows the version as 4.9.6-REL and a recent Bugtraq post listed
> this version as exploitable. However, although the _version_ is the same
> between my 2.2.6-RELEASE and 2.2.5-RELEASE machines, the _dates_ are
> different. Is /usr/sbin/named in 2.2.6-RELEASE fixed?
>
> Also... Is there any reason for this daemon to run as root, other than
> binding to port 53? Would it be possible and reasonable to patch it to
> give up root after binding to the port?
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe security" in the body of the message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
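
The quoted question asks whether a daemon can give up root once it has bound port 53. The bind-then-drop pattern it describes is sketched below as an added example; it is not code from this message or from BIND. The function names and the uid/gid 65534 (an assumed unprivileged "nobody" account) are illustrative assumptions.

```c
#define _DEFAULT_SOURCE /* glibc: expose setgroups(); harmless on BSD */
#include <arpa/inet.h>
#include <grp.h>
#include <netinet/in.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Bind a UDP socket while still privileged. Ports below 1024 (53 for DNS)
 * need root on classic Unix; port 0 asks the kernel for any free port. */
int bind_udp(const char *addr, unsigned short port)
{
    struct sockaddr_in sin;
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0)
        return -1;
    memset(&sin, 0, sizeof(sin));
    sin.sin_family = AF_INET;
    sin.sin_port = htons(port);
    if (inet_pton(AF_INET, addr, &sin.sin_addr) != 1 ||
        bind(fd, (struct sockaddr *)&sin, sizeof(sin)) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Permanently give up root. Returns 0 on success, 1 if the process was not
 * root to begin with, -1 on failure (the caller must exit, not continue). */
int drop_root(uid_t uid, gid_t gid)
{
    if (geteuid() != 0)
        return 1;
    /* Order matters: supplementary groups and gid first, because once the
     * uid is changed the process no longer has the right to change them. */
    if (setgroups(1, &gid) < 0 || setgid(gid) < 0 || setuid(uid) < 0)
        return -1;
    /* Verify the drop is irreversible: regaining root must fail. */
    if (setuid(0) == 0 || geteuid() != uid || getegid() != gid)
        return -1;
    return 0;
}

int main(void)
{
    int fd = bind_udp("0.0.0.0", 53);   /* privileged step, needs root */
    /* 65534 is an assumed unprivileged "nobody" uid/gid */
    return (fd < 0 || drop_root(65534, 65534) < 0) ? 1 : 0;
}
```

The socket stays usable after the drop because the port-number check happens only at bind() time; anything the daemon must open as root (other sockets, log or zone files it cannot otherwise read) has to be opened before drop_root() is called.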