Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
|
|
|
|
|
|
|
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
|
|
|
|
Become a Partner and License Our Database or Notification Service
|
|
|
|
|
|
|
|
|
|
|
|
|
BIND DNSSEC Validation Bug Lets Remote Users Deny Service
|
|
SecurityTracker Alert ID: 1017573 |
|
SecurityTracker URL: http://securitytracker.com/id/1017573
|
|
CVE Reference:
CVE-2007-0494
(Links to External Site)
|
Updated: Jan 31 2007
|
Original Entry Date: Jan 30 2007
|
Impact:
Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 9.0.x, 9.1.x, 9.2.0 - 9.2.7, 9.3.0 - 9.3.3, 9.4.x prior to 9.4.0rc2
|
Description:
A vulnerability was reported in BIND. A remote user can cause denial of service conditions.
A remote user can send specially crafted data to cause the target service to crash. A type * (ANY) DNS query that results in a response with multiple RRsets can trigger this flaw in the DNSSEC validation code.
The following versions are affected:
BIND 9.0.x
BIND 9.1.x
BIND 9.2.0, 9.2.1, 9.2.2, 9.2.3, 9.2.4, 9.2.5, 9.2.6, 9.2.7
BIND 9.3.0, 9.3.1, 9.3.2, 9.3.3
BIND 9.4.0a1, 9.4.0a2, 9.4.0a3, 9.4.0a4, 9.4.0a5, 9.4.0a6, 9.4.0b1, 9.4.0b2, 9.4.0b3, 9.4.0b4, 9.4.0rc1
BIND 9.5.0a1 (Bind Forum only)
|
Impact:
A remote user can cause the target name service to crash.
|
Solution:
The vendor has issued fixed versions (9.2.8, 9.3.4, and 9.4.0rc2).
The fix will be included in the upcoming BIND 9.5.0a2 release.
[Editor's note: This solution also addresses a separate BIND vulnerability that was previously reported in Alert ID 1017561.]
|
Vendor URL: www.isc.org/ (Links to External Site)
|
Cause:
State error
|
Underlying OS:
Linux (Any), UNIX (Any)
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
Date: Tue, 30 Jan 2007 11:24:13 -0500
Subject: BIND
|
http://www.isc.org/sw/bind/bind-security.php
Name: "BIND 9: DNSSEC Validation"
[Added 2007.01.30] Versions affected: BIND 9.0.x (all versions of BIND 9.0) (at end-of-life)
BIND 9.1.x (all versions of BIND 9.1) (at end-of-life)
BIND 9.2.0, 9.2.1, 9.2.2, 9.2.3, 9.2.4, 9.2.5, 9.2.6, 9.2.7
BIND 9.3.0, 9.3.1, 9.3.2, 9.3.3
BIND 9.4.0a1, 9.4.0a2, 9.4.0a3, 9.4.0a4, 9.4.0a5, 9.4.0a6, 9.4.0b1
9.4.0b2, 9.4.0b3, 9.4.0b4, 9.4.0rc1
BIND 9.5.0a1 (Bind Forum only)
Severity: Low
Exploitable: Remotely
Description:
CVE-2007-0493
When validating responses to type * (ANY) queries that return multiple RRsets in the
answer section it is possible to trigger assertions checks. To be vulnerable you need
to have enabled dnssec validation in named.conf by specifying trusted-keys.
Workaround:
Disable / restrict recursion (to limit exposure). Disable DNSSEC validation (remove all
trusted-keys from named.conf).
Fix:
Upgrade to BIND 9.2.8, BIND 9.3.4 or BIND 9.4.0rc2. Additionally this will be fixed in
the upcoming BIND 9.5.0a2.
Note:
It is recommended that anyone using DNSSEC upgrade to BIND 9.3 as the DNSSEC
implementation in BIND 9.2 has been obsoleted.
|
|
Go to the Top of This SecurityTracker Archive Page
|
