ISC BIND named SIGINT and SIGIOT symlink Vulnerability

Solution:
Upgrade to BIND 4.9.7, BIND 8.1.x or apply the following
patch.

*** named/ns_init.c.000 Mon Jun 2 06:34:35 1997
--- named/ns_init.c Sun Apr 12 13:12:05 1998
***************
*** 560,567 ****
* We will always transfer this zone again
* after a reload.
*/
! sprintf(buf, "%s/NsTmp%ld.%d", _PATH_TMPDIR,
! (long)getpid(), tmpnum++);
source = savestr(buf);
zp->z_flags |= Z_TMP_FILE;
} else
--- 560,567 ----
* We will always transfer this zone again
* after a reload.
*/
! sprintf(buf, "NsTmp%ld.%d", (long)getpid(),
! tmpnum++);
source = savestr(buf);
zp->z_flags |= Z_TMP_FILE;
} else
*** named/ns_main.c.000 Mon Jun 2 06:34:36 1997
--- named/ns_main.c Sun Apr 12 14:51:45 1998
***************
*** 1463,1469 ****
dprintf(1, (ddt, "sigprof()\n"));
if (fork() == 0)
{
- (void) chdir(_PATH_TMPDIR);
exit(1);
}
errno = save_errno;
--- 1463,1468 ----
*** named/pathnames.h.000 Thu Dec 15 17:24:22 1994
--- named/pathnames.h Sat Apr 11 10:57:45 1998
***************
*** 74,88 ****
#ifndef _PATH_XFER
# define _PATH_XFER "/usr/libexec/named-xfer"
#endif
! #define _PATH_DEBUG "/var/tmp/named.run"
! #define _PATH_DUMPFILE "/var/tmp/named_dump.db"
#ifndef _PATH_PIDFILE
# define _PATH_PIDFILE "/var/run/named.pid"
#endif
! #define _PATH_STATS "/var/tmp/named.stats"
! #define _PATH_XFERTRACE "/var/tmp/xfer.trace"
! #define _PATH_XFERDDT "/var/tmp/xfer.ddt"
! #define _PATH_TMPXFER "/var/tmp/xfer.ddt.XXXXXX"
#define _PATH_TMPDIR "/var/tmp"

#else /* BSD */
--- 74,88 ----
#ifndef _PATH_XFER
# define _PATH_XFER "/usr/libexec/named-xfer"
#endif
! #define _PATH_DEBUG "named.run"
! #define _PATH_DUMPFILE "named_dump.db"
#ifndef _PATH_PIDFILE
# define _PATH_PIDFILE "/var/run/named.pid"
#endif
! #define _PATH_STATS "named.stats"
! #define _PATH_XFERTRACE "xfer.trace"
! #define _PATH_XFERDDT "xfer.ddt"
! #define _PATH_TMPXFER "xfer.ddt.XXXXXX"
#define _PATH_TMPDIR "/var/tmp"

#else /* BSD */
***************
*** 92,106 ****
#ifndef _PATH_XFER
# define _PATH_XFER "/etc/named-xfer"
#endif
! #define _PATH_DEBUG "/usr/tmp/named.run"
! #define _PATH_DUMPFILE "/usr/tmp/named_dump.db"
#ifndef _PATH_PIDFILE
# define _PATH_PIDFILE "/etc/named.pid"
#endif
! #define _PATH_STATS "/usr/tmp/named.stats"
! #define _PATH_XFERTRACE "/usr/tmp/xfer.trace"
! #define _PATH_XFERDDT "/usr/tmp/xfer.ddt"
! #define _PATH_TMPXFER "/usr/tmp/xfer.ddt.XXXXXX"
#define _PATH_TMPDIR "/usr/tmp"
#endif /* BSD */

--- 92,106 ----
#ifndef _PATH_XFER
# define _PATH_XFER "/etc/named-xfer"
#endif
! #define _PATH_DEBUG "named.run"
! #define _PATH_DUMPFILE "named_dump.db"
#ifndef _PATH_PIDFILE
# define _PATH_PIDFILE "/etc/named.pid"
#endif
! #define _PATH_STATS "named.stats"
! #define _PATH_XFERTRACE "xfer.trace"
! #define _PATH_XFERDDT "xfer.ddt"
! #define _PATH_TMPXFER "xfer.ddt.XXXXXX"
#define _PATH_TMPDIR "/usr/tmp"
#endif /* BSD */



 

Privacy Statement
Copyright 2010, SecurityFocus