oss-sec mailing list archives
Re: debian bug report on bind9 DoS
From: Solar Designer <solar () openwall com>
Date: Wed, 29 Jul 2009 17:48:19 +0400
On Wed, Jul 29, 2009 at 05:15:09PM +0400, Solar Designer wrote:
Confirmed on 9.3.5-P2 (removing the "$packet->sign_tsig(...)" line from the exploit as above) with whatever patches we happened to have until this latest fix.
It gets worse: I was also able to crash named from an IP address explicitly denied in "allow-query". I did verify that non-malicious queries from that IP address were indeed correctly denied. It appears that BIND does too much processing too early in the code. Alexander
Current thread:
- debian bug report on bind9 DoS Vincent Danen (Jul 28)
- Re: debian bug report on bind9 DoS Thijs Kinkhorst (Jul 28)
- Re: debian bug report on bind9 DoS Vincent Danen (Jul 28)
- Re: debian bug report on bind9 DoS Robert Buchholz (Jul 28)
- Re: debian bug report on bind9 DoS Nico Golde (Jul 29)
- Re: debian bug report on bind9 DoS Solar Designer (Jul 29)
- Re: debian bug report on bind9 DoS Solar Designer (Jul 29)
- Re: debian bug report on bind9 DoS Thijs Kinkhorst (Jul 28)