From owner-freebsd-questions  Sat Apr 25 12:59:30 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id MAA08249
          for freebsd-questions-outgoing; Sat, 25 Apr 1998 12:59:30 -0700 (PDT)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from caladan.tdx.co.uk (caladan.tdx.co.uk [195.188.177.4])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA08243
          for <freebsd-questions@FreeBSD.ORG>; Sat, 25 Apr 1998 12:59:18 -0700 (PDT)
          (envelope-from kpielorz@tdx.co.uk)
Received: from tdx.co.uk (lorca-tx.tdx.co.uk [195.188.177.242])
	by caladan.tdx.co.uk (8.8.8/8.8.8) with ESMTP id UAA25768;
	Sat, 25 Apr 1998 20:58:51 +0100 (BST)
	(envelope-from kpielorz@tdx.co.uk)
Message-ID: <3542407B.FB33350D@tdx.co.uk>
Date: Sat, 25 Apr 1998 20:58:51 +0100
From: Karl Pielorz <kpielorz@tdx.co.uk>
Organization: TDX
X-Mailer: Mozilla 4.04 [en] (WinNT; I)
MIME-Version: 1.0
To: Dan Busarow <dan@dpcsys.com>
CC: Joao Carlos <jcarlos@bahianet.com.br>, freebsd-questions@FreeBSD.ORG
Subject: Re: BIND
References: <Pine.BSF.3.96.980425124104.9520A-100000@java.dpcsys.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Hi,

I remember reading about this a while ago - but apparently the default
config for 4.9.X and 8.X is safe...

For the server to be vunerable you must have:

"options	fake-iquery"

in your named.boot/named.conf file...

If it's not there your OK...

If it is there apparently theres a possible root exploit by a classic buffer
overrun etc... :-(

It was issued in CERT advisory CA-98.05, called "bind_problems" - at the
time the latest versions were affected, this may have changed now though...

I don't know where you can get it on the net (maybe CERT have archives?) -
If you need I can mail you a copy...

Regards,

Karl Pielorz

Dan Busarow wrote:
> 
> On Sat, 25 Apr 1998, Joao Carlos wrote:
> >       I'm not an experient user of UNIX systems and I saw an article talking
> > about an exploit in BIND 8 or BIND 4.9.
> 
> I am not aware of any exploits in BIND 8.x or 4.9.6.  The article
> almost certainly referred to the exploit in 4.9.5 (and earlier)
> which 4.9.6 fixed.  BIND 8.x is not vulnerable.
> 
> Which version of FreeBSD are you using?  2.2.5 comes with 4.9.6,
> anything earlier, like 2.2.1 probably has 4.9.5 or older and should
> be updated.
> 
> Dan

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message