Date: Wed, 29 Jul 2009 11:20:09 +0200 From: Nico Golde <oss-security+ml@...lde.de> To: oss-security@...ts.openwall.com Cc: Vincent Danen <vdanen@...hat.com> Subject: Re: debian bug report on bind9 DoS Hi, * Robert Buchholz <rbu@...too.org> [2009-07-29 00:13]: > On Tuesday 28 July 2009, Vincent Danen wrote: > > I don't think > > it's a huge problem with a well-secured bind9 configuration, but > > could be quite problematic for bind config's that allow updates > > without an RNDC key (typical of some dynamic DNS implementations), or > > on a system that has lax enough permissions that the RNDC key is > > exposed. > > The crash is not limited to configurations that allow updates. Confirmed. > The ISC advisory states so as well, and I could reproduce the DoS on a > static named instance by removing the "$packet->sign_tsig(...)" line in > the exploit. So the scope of this issue is wider than apparent from > the original report. Hmm I'd consider that a bug as well or is there a reason why bind shouldn't verify update's authorization before processing them? Cheers Nico -- Nico Golde - http://www.ngolde.de - nion@...ber.ccc.de - GPG: 0xA0A0AAAA For security reasons, all text in this mail is double-rot13 encrypted. Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.