From: "Vladimir I. Kulakov" <kulakov@kudesniki.ru>
To: "Michael Bryan" <fbsd-secure@ursine.com>, <freebsd-security@FreeBSD.ORG>
Subject: Re: DOS vulnerability in BIND 8.2.2-P5
Message-ID: <20001110094353Z836051-5940%2B45509@ajax1.sovam.com>

> For those who haven't yet seen the messages in BugTraq, there is
> a DOS vulnerability in BIND 8.2.2-P5. Sending a ZXFR request to
> a server can cause it to crash. (The crash might happen a few
> minutes after the ZXFR request, as it sets something up for a later
> failure.) If BIND is set up to restrict zone transfers to only those
> hosts that you trust, only those hosts can trigger the bug, so that's
> the easiest way to protect yourself. Sites that don't have an
> "allow-transfer" acl restriction on zone transfers are wide open to
> this DOS attack, though, and there are apparently a lot of sites
> which are wide open like this.

Yesterday, November 9, ISC already released a fixed version, 8.2.2-P7,
without this vulnerability (see http://www.isc.org/ ).

-----------------------------------------------------
Vladimir I. Kulakov http://www.kudesniki.ru/
VK9-RIPN kulakov@kudesniki.ru
2:5020/779.27@fidonet.org
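
Added example, not part of the original message or of ISC's own documentation: a named.conf fragment showing the "allow-transfer" restriction the quoted message describes. The ACL name, addresses, zone names and file names are constructed placeholders.

```conf
// Constructed example: every name and address below is a placeholder.

// Hosts that are allowed to request zone transfers (your secondaries).
acl trusted_xfer {
    192.0.2.53;
    192.0.2.54;
};

options {
    // Server-wide default. With no allow-transfer statement at all,
    // any host may request a transfer, which is the "wide open" case
    // described in the message above.
    allow-transfer { trusted_xfer; };
};

zone "example.com" {
    type master;
    file "example.com.db";
    // No zone-level allow-transfer here, so this zone inherits the
    // restriction from the options block.
};

zone "internal.example.com" {
    type master;
    file "internal.example.com.db";
    // A zone-level statement overrides the options default;
    // this zone permits no transfers at all.
    allow-transfer { none; };
};
```

As the quoted message notes, the restriction only narrows who can trigger the bug to the hosts you trust; the fixed release named in the reply is what removes it.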