named crashing
Kevin Darcy
kcd at daimlerchrysler.com
Thu Nov 15 23:24:45 UTC 2001
Gerardo Blanco wrote:
> SCO OpenServer 5
> There is an advice in sco support page about "BIND buffer overflows"? (Ref.
> #115387)
>
> 1. Problem Description
> The BIND subsystem contains several buffer overflows, detailed in CERT
> advisory CA-2001-02. This advisory announces the availability of a
> preliminary version of BIND 8.2.5. Since there is no packaged installation
> of this preliminary offering, it should only be installed by experienced
> system administrators. A formal installable fix containing this version of
> BIND is forthcoming.
>
> 2. Vulnerable Versions
>
> Operating System Version Affected Files
> ------------------------------------------------------------------
> OpenServer <= 5.0.6a ./etc/addr
> ./etc/nsupdate
> ./etc/dig
> ./etc/dnsquery
> ./etc/host
> ./etc/named
> ./etc/named-xfer
> ./etc/ndc
> ./usr/lib/libresolv.so.1
> ./usr/lib/libsocket.so.2
> ./usr/lib/libresolv.a
> ./usr/lib/libsocket.a
> ./usr/lib/libp/libresolv.so.1
> ./usr/lib/libp/libsocket.a
> ./usr/lib/libp/libsocket.so.2
> ./usr/lib/libp/libresolv.a
> ./usr/bin/nslookup
> ./usr/include/resolv.h
>
> 3. Workaround
>
> None.
>
> 4. OpenServer
>
> 4.1 Location of Fixed Binaries
>
> ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.13/
>
> BUT THIS LOCATION OF FIXED BINARIES IS NOT WORKING.
> That's why I want to do it the hard way.
I'm not sure what you mean by "do it the hard way".
BTW, I was able to download
ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.13/newbind.tar.Z
just fine.
- Kevin
> -------------------------------------------
> Ing. Gerardo Blanco Vazquez
> gblanco at gatelink.net
> "Kevin Darcy" <kcd at daimlerchrysler.com> wrote in message
> news:9sv1m4$f2f at pub3.rc.vix.com...
> >
> > "Out of stream resources" is an operating system error. What OS is this,
> by
> > the way? Perhaps you need a patch.
> >
> >
> > - Kevin
> >
> > Gerardo Blanco wrote:
> >
> > > I am using named 8.2.5 recently installed from previous version.
> > > I have 2 weeks using it, and 2 crashing.
> > > I did not have problems with previous version.
> > > This is the message I received, and named crashed after that.
> > > What can be causing this ?
> > >
> > > Nov 14 10:00:26 gate named[17096]: Cleaned cache of 1684 RRsets
> > > Nov 14 10:00:26 gate named[17096]: USAGE 1005757226 1005159625
> > > CPU=128.75u/298.3
> > > 9s CHILDCPU=0.01u/0.01s
> > > Nov 14 10:00:26 gate named[17096]: NSTATS 1005757226 1005159625 0=702
> > > A=269413 N
> > > S=4199 CNAME=224 SOA=5019 MG=3 PTR=154464 HINFO=1 MX=10948 TXT=3
> AAAA=1332
> > > SRV=9
> > > 31 A6=931 AXFR=1 ANY=53238
> > > Nov 14 10:00:26 gate named[17096]: XSTATS 1005757226 1005159625
> RR=188844
> > > RNXD=1
> > > 1812 RFwdR=74641 RDupR=584 RFail=685 RFErr=0 RErr=33 RAXFR=1 RLame=3668
> > > ROpts=0
> > > SSysQ=34912 SAns=494917 SFwdQ=122745 SDupQ=24445 SErr=0 RQ=518616 RIQ=0
> > > RFwdQ=12
> > > 2745 RDupQ=3367 RTCP=15384 SFwdR=74641 SFail=59 SFErr=0 SNaAns=234462
> > > SNXD=86720
> > > RUQ=0 RURQ=0 RUXFR=0 RUUpd=4606
> > >
> > > Nov 14 10:00:26 gate named[17096]: get interface configuration: Out of
> > > stream resources
> > > Nov 14 10:00:26 gate named[17096]: get interface configuration: Out of
> > > stream resources
> > >
> > > --
> > >
> > > -------------------------------------------
> > > Ing. Gerardo Blanco Vazquez
> > > gblanco at gatelink.net
> >
> >
More information about the bind-users
mailing list