From owner-freebsd-security Fri Nov 10 1:44:10 2000 Delivered-To: freebsd-security@freebsd.org Received: from ajax1.sovam.com (ajax1.sovam.com [194.67.1.172]) by hub.freebsd.org (Postfix) with ESMTP id 0930D37B479 for ; Fri, 10 Nov 2000 01:44:04 -0800 (PST) Received: from ts12-a138.dial.sovam.com ([195.239.1.138]:3390 "EHLO pentium" ident: "NO-IDENT-SERVICE[2]" whoson: "-unregistered-" smtp-auth: TLS-CIPHER: TLS-PEER: ) by ajax1.sovam.com with ESMTP id ; Fri, 10 Nov 2000 12:43:40 +0300 Reply-To: From: "Vladimir I. Kulakov" To: "Michael Bryan" , Subject: Re: DOS vulnerability in BIND 8.2.2-P5 Date: Fri, 10 Nov 2000 12:44:07 +0300 X-MSMail-Priority: Normal X-Priority: 3 X-Mailer: Microsoft Internet Mail 4.70.1155 MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Message-Id: <20001110094353Z836051-5940+45509@ajax1.sovam.com> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > For those who haven't yet seen the messages in BugTraq, there is > a DOS vulnerability in BIND 8.2.2-P5. Sending a ZXFR request to > a server can cause it to crash. (The crash might happen a few > minutes after the ZXFR request, as it sets something up for a later > failure.) If BIND is setup to restrict zone transfers to only those > hosts that you trust, only those hosts can trigger the bug, so that's > the easiest way to protect yourself. Sites that don't have an > "allow-transfer" acl restriction on zone transfers are wide open to > this DOS attack, though, and there are apparently a lot of sites > which are wide open like this. Yesterday, November, 9, ISC already released fixed version 8.2.2-P7 without this vulnerability (see http://www.isc.org/ ). ----------------------------------------------------- Vladimir I. Kulakov http://www.kudesniki.ru/ VK9-RIPN kulakov@kudesniki.ru 2:5020/779.27@fidonet.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message