Security Incidents mailing list archives

Re: BIND 9.2.1 crashes

From: jlewis () lewis org
Date: Mon, 6 Oct 2003 13:01:32 -0400 (EDT)

On Mon, 6 Oct 2003, Keith Bergen wrote:

Benjamin,

My paranoia always assumes a buffer overflow and comprimise. 
BIND 9.2.1 appears to be vulnerable to a buffer overflow. I


The 9.2.1 he mentioned he's running on Red Hat 7.2 is the latest version 
of that package from Red Hat...which includes backported security updates.
If there are holes in that bind, they're not known to the general public.

BTW...I've seen the same problem with bind-9.2.1-1.7x.2 on Red Hat 7.2 
where named will apparently get stuck in some loop, sit in state R, and 
cease answering queries until named is killed/restarted.
 
----------------------------------------------------------------------
 Jon Lewis *jlewis () lewis org*|  I route
 Senior Network Engineer     |  therefore you are
 Atlantic Net                |  
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________


---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

BIND 9.2.1 crashes Benjamin Franz (Oct 06)
- <Possible follow-ups>
- Re: BIND 9.2.1 crashes Keith Bergen (Oct 06)
  - Re: BIND 9.2.1 crashes jlewis (Oct 06)
  - Re: BIND 9.2.1 crashes Benjamin Franz (Oct 06)
- RE: BIND 9.2.1 crashes LordInfidel (Oct 07)
  - RE: BIND 9.2.1 crashes Benjamin Franz (Oct 07)