• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Multiple Vendor BIND (NXT Overflow & Denial of Service) Vulnerabilities

Solution:
ISC Recommends updating to BIND 8.2.2. Patchlevel 5.

The following vendor patches are available as of May 25, 2000:

Hewlett-Packard HP-UX patches:
s700_800 HP-UX release 10.01, 10.10 & 10.20 BIND 4.9.7 PHNE_20618
s700_800 HP-UX release 10.24 (VVOS) BIND 4.9.7 PHNE_21288
s700_800 HP-UX release 11.00 BIND 4.9.7 PHNE_20619
s700_800 HP-UX release 11.04 (VVOS) BIND 4.9.7 PHNE_21090

The bind revision 8.1.2 upgrade is available for HP-UX 11.00 via a web page:
http://www.software.hp.com/products/DNS_BIND/index.html

Caldera

ftp://ftp.calderasystems.com/pub/OpenLinux/updates/2.3/current

MD5s

db1dda05dbe0f67c2bd2e5049096b42c RPMS/bind-8.2.2p3-1.i386.rpm

82bbe025ac091831904c71c885071db1 RPMS/bind-doc-8.2.2p3-1.i386.rpm

2f9a30444046af551eafd8e6238a50c6 RPMS/bind-utils-8.2.2p3-1.i386.rpm

0e4f041549bdd798cb505c82a8911198 SRPMS/bind-8.2.2p3-1.src.rpm

Red Hat Linux 4.x:

Intel:
ftp://updates.redhat.com/4.2/i386/bind-8.2.2_P3-0.4.2.i386.rpm
ftp://updates.redhat.com/4.2/i386/bind-devel-8.2.2_P3-0.4.2.i386.rpm
ftp://updates.redhat.com/4.2/i386/bind-utils-8.2.2_P3-0.4.2.i386.rpm

Alpha:
ftp://updates.redhat.com/4.2/alpha/bind-8.2.2_P3-0.4.2.alpha.rpm
ftp://updates.redhat.com/4.2/alpha/bind-devel-8.2.2_P3-0.4.2.alpha.rpm
ftp://updates.redhat.com/4.2/alpha/bind-utils-8.2.2_P3-0.4.2.alpha.rpm

Sparc:
ftp://updates.redhat.com/4.2/sparc/bind-8.2.2_P3-0.4.2.sparc.rpm
ftp://updates.redhat.com/4.2/sparc/bind-devel-8.2.2_P3-0.4.2.sparc.rpm
ftp://updates.redhat.com/4.2/sparc/bind-utils-8.2.2_P3-0.4.2.sparc.rpm

Source packages:
ftp://updates.redhat.com/4.2/SRPMS/bind-8.2.2_P3-0.4.2.src.rpm

Red Hat Linux 5.x:

Intel:
ftp://updates.redhat.com/5.2/i386/bind-8.2.2_P3-0.5.2.i386.rpm
ftp://updates.redhat.com/5.2/i386/bind-devel-8.2.2_P3-0.5.2.i386.rpm
ftp://updates.redhat.com/5.2/i386/bind-utils-8.2.2_P3-0.5.2.i386.rpm

Alpha:
ftp://updates.redhat.com/5.2/alpha/bind-8.2.2_P3-0.5.2.alpha.rpm
ftp://updates.redhat.com/5.2/alpha/bind-devel-8.2.2_P3-0.5.2.alpha.rpm
ftp://updates.redhat.com/5.2/alpha/bind-utils-8.2.2_P3-0.5.2.alpha.rpm

Sparc:
ftp://updates.redhat.com/5.2/sparc/bind-8.2.2_P3-0.5.2.sparc.rpm
ftp://updates.redhat.com/5.2/sparc/bind-devel-8.2.2_P3-0.5.2.sparc.rpm
ftp://updates.redhat.com/5.2/sparc/bind-utils-8.2.2_P3-0.5.2.sparc.rpm

Source packages:
ftp://updates.redhat.com/5.2/SRPMS/bind-8.2.2_P3-0.5.2.src.rpm

Red Hat Linux 6.x:

Intel:
ftp://updates.redhat.com/6.1/i386/bind-8.2.2_P3-1.i386.rpm
ftp://updates.redhat.com/6.1/i386/bind-devel-8.2.2_P3-1.i386.rpm
ftp://updates.redhat.com/6.1/i386/bind-utils-8.2.2_P3-1.i386.rpm

Alpha:
ftp://updates.redhat.com/6.0/alpha/bind-8.2.2_P3-1.alpha.rpm
ftp://updates.redhat.com/6.0/alpha/bind-devel-8.2.2_P3-1.alpha.rpm
ftp://updates.redhat.com/6.0/alpha/bind-utils-8.2.2_P3-1.alpha.rpm

Sparc:
ftp://updates.redhat.com/6.0/sparc/bind-8.2.2_P3-1.sparc.rpm
ftp://updates.redhat.com/6.0/sparc/bind-devel-8.2.2_P3-1.sparc.rpm
ftp://updates.redhat.com/6.0/sparc/bind-utils-8.2.2_P3-1.sparc.rpm

Source packages:
ftp://updates.redhat.com/6.1/SRPMS/bind-8.2.2_P3-1.src.rpm

Slackware 4.0:

ftp.cdrom.com:/pub/linux/slackware-4.0/patches/bind.tgz

SlackWare 7.0:

ftp.cdrom.com:/pub/linux/slackware-7.0/patches/bind.tgz

IBM AIX:

APAR 4.3.x: IY05851

Patches are available to all Sun customers at http://sunsolve.sun.com

Linux-Mandrake users should use the following upgrades:

md5sum: 185c51a554cd1c2fedf42f002ba8f01f
package: 6.1/RPMS/bind-8.2.2P5-6mdk.i586.rpm

md5sum: 39757dd3b1157685a486fc2c7afe2855
package:6.1/RPMS/bind-devel-8.2.2P5-6mdk.i586.rpm

md5sum: 507e45161ec6f9cbfb17dcf06d0831f0
package:6.1/RPMS/bind-utils-8.2.2P5-6mdk.i586.rpm

md5sum: eeffc6a7d2c7813931a2bbcb8da05a79
source: 6.1/SRPMS/bind-8.2.2P5-6mdk.src.rpm

md5sum: 95ccd87693c8e3c870f1bccd2842489b
package:7.0/RPMS/bind-8.2.2P5-6mdk.i586.rpm

md5sum: 31a1b33c3cf2013ea14ac1d0432a2785
package:7.0/RPMS/bind-devel-8.2.2P5-6mdk.i586.rpm

md5sum: ce92d5be31c4675e5ec21e4a76815633
package:7.0/RPMS/bind-utils-8.2.2P5-6mdk.i586.rpm

md5sum: eeffc6a7d2c7813931a2bbcb8da05a79
source: 7.0/SRPMS/bind-8.2.2P5-6mdk.src.rpm

To upgrade automatically, use « MandrakeUpdate ». If you want to
upgrade manually, download the updated package from one of our FTP
server mirrors and uprade with "rpm -Uvh package_name". All mirrors
are listed on http://www.mandrake.com/en/ftp.php3 Updated packages are
available in the "updates/" directory.

For example, if you are looking for an updated RPM package for
Mandrake 7.0, look for it in: updates/7.0/RPMS/

SGI has reported that IRIX 6.5 shipped with a vulnerable version of BIND 4.9.4p1. This issue will be resolved in IRIX 6.5.18. Additionally, IRIX patch 4725 will resolve this issue for IRIX 6.5.13, 6.5.14, 6.5.15, 6.5.16 and 6.5.17.


Sun Solaris 7.0

• Sun 106938-03
  


• Sun 107018-02
  

Sun Solaris 7.0_x86

• Sun 106939-03
  


• Sun 107019-02