Multiple Vendor BIND 8.2.2-P5 Denial of Service Vulnerability

Threat level definition

Multiple Vendor BIND 8.2.2-P5 Denial of Service Vulnerability

Solution:
Contributed patches:

Unofficial patch by Akatosh <akatosh@rains.net> :

--- src/bin/named/ns_xfr.c Wed Oct 13 12:39:13 1999
+++ src.new/bin/named/ns_xfr.c Wed Nov 8 16:53:38 2000
@@ -97,7 +97,8 @@
"unsupported XFR (type %s) of \"%s\" (%s) to %s",
p_type(type), zones[zone].z_origin, p_class(class),
sin_ntoa(qsp->s_from));
- goto abort;
+ (void) shutdown(qsp->s_rfd, 2);
+ goto abort2;
}

#ifdef SO_SNDBUF
@@ -195,11 +196,13 @@
type = ns_t_axfr;
}
if (sx_pushlev(qsp, znp) < 0) {
+
abort:
(void) shutdown(qsp->s_rfd, 2);
sq_remove(qsp);
return;
}
+ abort2:
if (type != ns_t_ixfr)
(void) sq_writeh(qsp, sx_sendsoa);
else

This unofficial patch contributed by Greg Woods <woods@weird.com> :

*** src/bin/named/ns_xfr.c 1999/11/11 06:06:09 1.1.1.3
--- src/bin/named/ns_xfr.c 2000/11/09 20:49:45
***************
*** 97,103 ****
"unsupported XFR (type %s) of \"%s\" (%s) to %s",
p_type(type), zones[zone].z_origin, p_class(class),
sin_ntoa(qsp->s_from));
! goto abort;
}

#ifdef SO_SNDBUF
--- 97,104 ----
"unsupported XFR (type %s) of \"%s\" (%s) to %s",
p_type(type), zones[zone].z_origin, p_class(class),
sin_ntoa(qsp->s_from));
! (void) shutdown(qsp->s_rfd, 2);
! return;
}

#ifdef SO_SNDBUF

RedHat bind-8.1.2-5.i386.rpm

Red Hat Inc. 5.2 i386 bind-8.2.2_P7-0.5.2.i386.rpm
ftp://updates.redhat.com/5.2/i386/bind-8.2.2_P7-0.5.2.i386.rpm

RedHat bind-8.2.1-7.i386.rpm

Red Hat Inc. 6.1 i386 bind-8.2.2_P7-0.6.2.i386.rpm
ftp://updates.redhat.com/6.1/i386/bind-8.2.2_P7-0.6.2.i386.rpm

RedHat bind-8.2.2_P5-25.i386.rpm

Red Hat Inc. 7.0 i386 bind-8.2.2_P7-1.i386.rpm
ftp://updates.redhat.com/7.0/i386/bind-8.2.2_P7-1.i386.rpm

RedHat bind-8.2-6.i386.rpm

Red Hat Inc. 6.0 i386 bind-8.2.2_P7-0.6.2.i386.rpm
ftp://updates.redhat.com/6.0/i386/bind-8.2.2_P7-0.6.2.i386.rpm

RedHat bind-8.2.2_P5-9.i386.rpm

Red Hat Inc. 6.2 i386 bind-8.2.2_P7-0.6.2.i386.rpm
ftp://updates.redhat.com/6.2/i386/bind-8.2.2_P7-0.6.2.i386.rpm

ISC BIND 8.2.2 p5

FreeBSD ports-3 bind-8.2.2p7.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-3-stable/net/bin d-8.2.2p7.tgz

FreeBSD ports-4 bind-8.2.2p7.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/net/bin d-8.2.2p7.tgz

FreeBSD ports-5 bind-8.2.2p7.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/net/bi nd-8.2.2p7.tgz

IBM IY14512
http://techsupport.services.ibm.com/rs6k/fixes.html

ISC BIND 8.2.2-P7
ftp://ftp.isc.org/isc/bind/src/8.2.2-P7/bind-src.tar.gz

MandrakeSoft 6.0 i386 bind-8.2.2P7-1.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/6.0/RPMS/bind-8.2. 2P7-1.3mdk.i586.rpm

MandrakeSoft 6.0 i386 bind-devel-8.2.2P7-1.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/6.0/RPMS/bind-util s-8.2.2P7-1.3mdk.i586.rpm

MandrakeSoft 6.0 i386 bind-utils-8.2.2P7-1.3mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/6.0/RPMS/bind-util s-8.2.2P7-1.3mdk.i586.rpm

MandrakeSoft 6.0 source bind-8.2.2P7-1.3mdk.src.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/6.0/SRPMS/bind-8.2 .2P7-1.3mdk.src.rpm

MandrakeSoft 6.1 i386 bind-8.2.2P7-1.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/6.1/RPMS/bind-8.2. 2P7-1.2mdk.i586.rpm

MandrakeSoft 6.1 i386 bind-devel-8.2.2P7-1.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/6.1/RPMS/bind-deve l-8.2.2P7-1.2mdk.i586.rpm

MandrakeSoft 6.1 i386 bind-utils-8.2.2P7-1.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/6.1/RPMS/bind-util s-8.2.2P7-1.2mdk.i586.rpm

MandrakeSoft 6.1 source bind-8.2.2P7-1.2mdk.src.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/6.1/SRPMS/bind-8.2 .2P7-1.2mdk.src.rpm

MandrakeSoft 7.0 i386 bind-8.2.2P7-1.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.0/RPMS/bind-8.2. 2P7-1.2mdk.i586.rpm

MandrakeSoft 7.0 i386 bind-devel-8.2.2P7-1.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.0/RPMS/bind-deve l-8.2.2P7-1.2mdk.i586.rpm

MandrakeSoft 7.0 i386 bind-utils-8.2.2P7-1.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.0/RPMS/bind-util s-8.2.2P7-1.2mdk.i586.rpm

MandrakeSoft 7.0 source bind-8.2.2P7-1.2mdk.src.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.0/SRPMS/bind-8.2 .2P7-1.2mdk.src.rpm

MandrakeSoft 7.1 i386 bind-8.2.2P7-1.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.1/RPMS/bind-8.2. 2P7-1.2mdk.i586.rpm

MandrakeSoft 7.1 i386 bind-devel-8.2.2P7-1.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.1/RPMS/bind-deve l-8.2.2P7-1.2mdk.i586.rpm

MandrakeSoft 7.1 i386 bind-utils-8.2.2P7-1.2mdk.i586.rpm
7.1/RPMS/bind-utils-8.2.2P7-1.2mdk.i586.rpm

MandrakeSoft 7.1 source bind-8.2.2P7-1.2mdk.src.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.1/SRPMS/bind-8.2 .2P7-1.2mdk.src.rpm

MandrakeSoft 7.2 i386 bind-8.2.2P7-1.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.2/RPMS/bind-8.2. 2P7-1.1mdk.i586.rpm

MandrakeSoft 7.2 i386 bind-devel-8.2.2P7-1.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.2/RPMS/bind-deve l-8.2.2P7-1.1mdk.i586.rpm

MandrakeSoft 7.2 i386 bind-utils-8.2.2P7-1.1mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/7.2/RPMS/bind-util s-8.2.2P7-1.1mdk.i586.rpm

MandrakeSoft 7.2 source bind-8.2.2P7-1.1mdk.src.rpm
7.2/SRPMS/bind-8.2.2P7-1.1mdk.src.rpm

Red Hat Inc. 7.0 alpha bind-8.2.2_P7-2.alpha.rpm
ftp://updates.redhat.com/7.0/alpha/bind-8.2.2_P7-2.alpha.rpm

Privacy Statement
Copyright 2009, SecurityFocus