Date: Tue, 5 Jun 2012 11:08:14 +0400 From: Solar Designer <solar@...nwall.com> To: oss-security@...ts.openwall.com Subject: BIND: Handling of zero length rdata can cause named to terminate unexpectedly Hi, I think we should have this in here. This is CVE-2012-1667. http://www.isc.org/software/bind/advisories/cve-2012-1667 "Handling of zero length rdata can cause named to terminate unexpectedly Summary: Processing of DNS resource records where the rdata field is zero length may cause various issues for the servers handling them. CVE: CVE-2012-1667 Posting date: 04 Jun 2012 Program Impacted: BIND Versions affected: 9.0.x -> 9.6.x, 9.4-ESV->9.4-ESV-R5-P1, 9.6-ESV->9.6-ESV-R7, 9.7.0->9.7.6, 9.8.0->9.8.3, 9.9.0->9.9.1 Severity: Critical Exploitable: Remotely Description: This problem was uncovered while testing with experimental DNS record types. It is possible to add records to BIND with null (zero length) rdata fields. Processing of these records may lead to unexpected outcomes. Recursive servers may crash or disclose some portion of memory to the client. Secondary servers may crash on restart after transferring a zone containing these records. Master servers may corrupt zone data if the zone option "auto-dnssec" is set to "maintain". Other unexpected problems that are not listed here may also be encountered. Impact: This issue primarily affects recursive nameservers. Authoritative nameservers will only be impacted if an administrator configures experimental record types with no data. If the server is configured this way, then secondaries can crash on restart after transferring that zone. Zone data on the master can become corrupted if the zone with those records has named configured to manage the DNSSEC key rotation." "Solution: Upgrade to BIND version 9.6-ESV-R7-P1, 9.7.6-P1, 9.8.3-P1, or 9.9.1-P1 Acknowledgment: Dan Luther, Level3 Communications, for finding the issue, Jeffrey A. Spain, Cincinnati Day School, for replication and testing." Sounds like backporting time... Alexander
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.