Vulnerability Development mailing list archives
Re: Possible DOS in Bind 8.2.2-P5
From: Jonatan Sarba <J_SARBA () CRM COM AR>
Date: Mon, 13 Nov 2000 11:25:50 -0300
milg:~# named-xfer -z zone.com.ar -d 9 -f pics -Z dns.zone.com.ar named-xfer[3916]: send ZXFR query 0 to 200.0.1.101 named-xfer[3916]: premature EOF, fetching "zone.com.ar" and the logs in dns server was: Nov 13 13:55:36 dns named[19877]: zone transfer (ZXFR) of "zone.com.ar" (IN) to [200.0.1.101].2916 Nov 13 13:55:36 dns named[30890]: execlp: No such file or directory Nov 13 13:55:36 dns named[19877]: zxfr gzip pid 30890 i've chrooted the named daemon running on redhat-6.0. I think that the user who runs the daemon, doesn't have permissions to execute the 'execlp' function. Is it possible?
-----Original Message----- From: Luke Dudney [SMTP:luke.dudney () WESTNET COM AU] Sent: Thursday, November 09, 2000 10:12 PM To: VULN-DEV () SECURITYFOCUS COM Subject: Re: Possible DOS in Bind 8.2.2-P5-----Original Message----- From: Fabio Pietrosanti (naif) [mailto:fabio () TELEMAIL IT] Sent: Wednesday, November 08, 2000 2:57 AM To: VULN-DEV () SECURITYFOCUS COM Subject: Possible DOS in Bind 8.2.2-P5 Hi, playing with bind and ZXFR feature ( zone transfer compressed with a possible insecure execlp("gzip", "gzip", NULL); ), i discovered a Denial Of Service against Bind 8.2.2-P5 .Crashed bind-8.2.2-P6 (?) from ports on OpenBSD2.7/sparc
Current thread:
- Re: Possible DOS in Bind 8.2.2-P5, (continued)
- Re: Possible DOS in Bind 8.2.2-P5 Tomasz Grabowski (Nov 09)
- Re: Possible DOS in Bind 8.2.2-P5 Guy Cohen (Nov 09)
- Re: Possible DOS in Bind 8.2.2-P5 Mariusz Marcinkiewicz (Nov 09)
- Re: Possible DOS in Bind 8.2.2-P5 (my fault, sorry) Mariusz Marcinkiewicz (Nov 10)
- Re: Possible DOS in Bind 8.2.2-P5 Olaf Kirch (Nov 10)
- Re: Possible DOS in Bind 8.2.2-P5 Paul A Vixie (Nov 10)
- Re: Possible DOS in Bind 8.2.2-P5 Daniel Roesen (Nov 10)
- Re: Possible DOS in Bind 8.2.2-P5 fire-eyes (Nov 14)
- Re: Possible DOS in Bind 8.2.2-P5 Fernando Cardoso (Nov 09)
- Re: Possible DOS in Bind 8.2.2-P5 Luke Dudney (Nov 10)
- Re: Possible DOS in Bind 8.2.2-P5 Jonatan Sarba (Nov 14)
- Re: Possible DOS in Bind 8.2.2-P5 Peter Pentchev (Nov 15)
- Re: Possible DOS in Bind 8.2.2-P5 Johnson, Jeremiah (Nov 15)
- Re: Possible DOS in Bind 8.2.2-P5 Matt Zimmerman (Nov 15)
- Re: Possible DOS in Bind 8.2.2-P5 Peter Pentchev (Nov 15)
- Re: Possible DOS in Bind 8.2.2-P5 Paul Pot (Nov 15)
- Re: Possible DOS in Bind 8.2.2-P5 Chris Tobkin (Nov 15)