From owner-freebsd-security@FreeBSD.ORG Thu Feb 1 21:55:37 2007 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id A370916A407; Thu, 1 Feb 2007 21:55:37 +0000 (UTC) (envelope-from cswiger@mac.com) Received: from pi.codefab.com (pi.codefab.com [199.103.21.227]) by mx1.freebsd.org (Postfix) with ESMTP id 73A2313C48E; Thu, 1 Feb 2007 21:55:37 +0000 (UTC) (envelope-from cswiger@mac.com) Received: from localhost (localhost [127.0.0.1]) by pi.codefab.com (Postfix) with ESMTP id DA9D660CB; Thu, 1 Feb 2007 16:55:36 -0500 (EST) X-Virus-Scanned: amavisd-new at codefab.com Received: from pi.codefab.com ([127.0.0.1]) by localhost (pi.codefab.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WAgqFrRppqIl; Thu, 1 Feb 2007 16:55:34 -0500 (EST) Received: from [192.168.1.251] (pool-68-161-114-230.ny325.east.verizon.net [68.161.114.230]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by pi.codefab.com (Postfix) with ESMTP id 3A92460B8; Thu, 1 Feb 2007 16:55:34 -0500 (EST) Message-ID: <45C261D5.60201@mac.com> Date: Thu, 01 Feb 2007 16:55:33 -0500 From: Chuck Swiger User-Agent: Thunderbird 1.5.0.9 (Windows/20061207) MIME-Version: 1.0 To: Colin Percival , freebsd-security@freebsd.org References: <001601c74428$ff9d54b0$ab76ed54@odipw> <45BEE27D.1050804@FreeBSD.org> <45BFA1B3.9040000@rxsec.com> <45C23DAA.9040108@FreeBSD.org> <45C24D57.3000704@mac.com> <45C257DA.7010205@freebsd.org> In-Reply-To: <45C257DA.7010205@freebsd.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Subject: Re: What about BIND 9.3.4 in FreeBSD in base system ? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 Feb 2007 21:55:37 -0000 Colin Percival wrote: > Chuck Swiger wrote: >> I've been bitten by CVE-2006-4096, and have applied the workaround to >> limit the # of outstanding queries. I've got two nameservers tracking >> 5-STABLE which were vulnerable to CVE-2006-4095 > > You realize that these two issues were addressed in FreeBSD-SA-06:20.bind > on September 6th, right? Yes-- although it's not entirely clear that the problem of named terminating when exposed to high query rates has been entirely fixed, which is why I mentioned the additional 2007 CVE and am using "adnslogres -c 50" rather than 200 or 1000. % grep Id /usr/src/contrib/bind9/bin/named/query.c /* $Id: query.c,v 1.198.2.13.4.43 2006/08/31 03:57:11 marka Exp $ */ % named -v BIND 9.3.2 % head /etc/stable-supfile *default host=cvsup9.FreeBSD.org *default base=/usr *default prefix=/usr *default release=cvs tag=RELENG_5 *default delete use-rel-suffix -- -Chuck