|
ISC BIND named SIGINT and SIGIOT symlink Vulnerability
Solution: Upgrade to BIND 4.9.7, BIND 8.1.x or apply the following patch. *** named/ns_init.c.000 Mon Jun 2 06:34:35 1997 --- named/ns_init.c Sun Apr 12 13:12:05 1998 *************** *** 560,567 **** * We will always transfer this zone again * after a reload. */ ! sprintf(buf, "%s/NsTmp%ld.%d", _PATH_TMPDIR, ! (long)getpid(), tmpnum++); source = savestr(buf); zp->z_flags |= Z_TMP_FILE; } else --- 560,567 ---- * We will always transfer this zone again * after a reload. */ ! sprintf(buf, "NsTmp%ld.%d", (long)getpid(), ! tmpnum++); source = savestr(buf); zp->z_flags |= Z_TMP_FILE; } else *** named/ns_main.c.000 Mon Jun 2 06:34:36 1997 --- named/ns_main.c Sun Apr 12 14:51:45 1998 *************** *** 1463,1469 **** dprintf(1, (ddt, "sigprof()\n")); if (fork() == 0) { - (void) chdir(_PATH_TMPDIR); exit(1); } errno = save_errno; --- 1463,1468 ---- *** named/pathnames.h.000 Thu Dec 15 17:24:22 1994 --- named/pathnames.h Sat Apr 11 10:57:45 1998 *************** *** 74,88 **** #ifndef _PATH_XFER # define _PATH_XFER "/usr/libexec/named-xfer" #endif ! #define _PATH_DEBUG "/var/tmp/named.run" ! #define _PATH_DUMPFILE "/var/tmp/named_dump.db" #ifndef _PATH_PIDFILE # define _PATH_PIDFILE "/var/run/named.pid" #endif ! #define _PATH_STATS "/var/tmp/named.stats" ! #define _PATH_XFERTRACE "/var/tmp/xfer.trace" ! #define _PATH_XFERDDT "/var/tmp/xfer.ddt" ! #define _PATH_TMPXFER "/var/tmp/xfer.ddt.XXXXXX" #define _PATH_TMPDIR "/var/tmp" #else /* BSD */ --- 74,88 ---- #ifndef _PATH_XFER # define _PATH_XFER "/usr/libexec/named-xfer" #endif ! #define _PATH_DEBUG "named.run" ! #define _PATH_DUMPFILE "named_dump.db" #ifndef _PATH_PIDFILE # define _PATH_PIDFILE "/var/run/named.pid" #endif ! #define _PATH_STATS "named.stats" ! #define _PATH_XFERTRACE "xfer.trace" ! #define _PATH_XFERDDT "xfer.ddt" ! #define _PATH_TMPXFER "xfer.ddt.XXXXXX" #define _PATH_TMPDIR "/var/tmp" #else /* BSD */ *************** *** 92,106 **** #ifndef _PATH_XFER # define _PATH_XFER "/etc/named-xfer" #endif ! #define _PATH_DEBUG "/usr/tmp/named.run" ! #define _PATH_DUMPFILE "/usr/tmp/named_dump.db" #ifndef _PATH_PIDFILE # define _PATH_PIDFILE "/etc/named.pid" #endif ! #define _PATH_STATS "/usr/tmp/named.stats" ! #define _PATH_XFERTRACE "/usr/tmp/xfer.trace" ! #define _PATH_XFERDDT "/usr/tmp/xfer.ddt" ! #define _PATH_TMPXFER "/usr/tmp/xfer.ddt.XXXXXX" #define _PATH_TMPDIR "/usr/tmp" #endif /* BSD */ --- 92,106 ---- #ifndef _PATH_XFER # define _PATH_XFER "/etc/named-xfer" #endif ! #define _PATH_DEBUG "named.run" ! #define _PATH_DUMPFILE "named_dump.db" #ifndef _PATH_PIDFILE # define _PATH_PIDFILE "/etc/named.pid" #endif ! #define _PATH_STATS "named.stats" ! #define _PATH_XFERTRACE "xfer.trace" ! #define _PATH_XFERDDT "xfer.ddt" ! #define _PATH_TMPXFER "xfer.ddt.XXXXXX" #define _PATH_TMPDIR "/usr/tmp" #endif /* BSD */ |
|
|
Privacy Statement |
