oss-sec mailing list archives

Re: debian bug report on bind9 DoS

From: Robert Buchholz <rbu () gentoo org>
Date: Wed, 29 Jul 2009 00:04:36 +0200

On Tuesday 28 July 2009, Vincent Danen wrote:

I don't think
it's a huge problem with a well-secured bind9 configuration, but
could be quite problematic for bind config's that allow updates
without an RNDC key (typical of some dynamic DNS implementations), or
on a system that has lax enough permissions that the RNDC key is
exposed.


The crash is not limited to configurations that allow updates.
The ISC advisory states so as well, and I could reproduce the DoS on a 
static named instance by removing the "$packet->sign_tsig(...)" line in 
the exploit.
So the scope of this issue is wider than apparent from the original 
report.


Robert

Attachment: signature.asc
Description: This is a digitally signed message part.

Current thread:

debian bug report on bind9 DoS Vincent Danen (Jul 28)
- Re: debian bug report on bind9 DoS Thijs Kinkhorst (Jul 28)
  - Re: debian bug report on bind9 DoS Vincent Danen (Jul 28)
- Re: debian bug report on bind9 DoS Robert Buchholz (Jul 28)
  - Re: debian bug report on bind9 DoS Nico Golde (Jul 29)
  - Re: debian bug report on bind9 DoS Solar Designer (Jul 29)
    - Re: debian bug report on bind9 DoS Solar Designer (Jul 29)