[ESA-20020724-018] Buffer overflow in BIND4-derived resolver code.
phn at icke-reklam.ipsec.nu
Tue Jul 30 15:25:23 UTC 2002
Shujaat Nazir Khan <snk at cyber.net.pk> wrote:
> Hello,
> We are running Bind-8.2.4-REL on our Solaris based dns. I need to confirm
> whether the library libbind is still vulnerable for Bind-8 or not and
> also do I need to upgrade my dns for the same or not?
> Thanks with kindest regards,
> Shujaat Nazir Khan
> System Support Engineer
> Cyber Internet Services (Pvt.) Ltd
> Pakistan.
Yes, your resolver code is vulnerable.
This is not a nameserver problem per se, but is located in the
resolver (part of libc) + all your statically linked binaries
that have resolver code within.
The proper upgrade is from Sun.
A decent workaround exists: install bind-9 and make sure that
all your clients use bind-9 servers.
bind-9 "rebuilds" the packets received from other servers, thereby
eliminating the infected packets (this is what I have understood from
the messages from ISC).
bind-9 is available in source from isc.org; several "ready-to-run"
packages are available from "http://www.sunfreeware.com/".
--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but I'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
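
The reply above points out that statically linked binaries carry their own copy of the resolver code, so a libc patch does not change them. As an added example (not part of the original message), this Python script flags ELF executables with no dynamic-linking segments that still contain resolver function names; the symbol list and the `classify` helper are assumptions made for illustration, and the name match is a heuristic that misses stripped binaries.

```python
import os, struct, sys

# Resolver entry points whose names often survive in an unstripped static binary.
# (Constructed list for illustration; extend it for the platform being audited.)
RESOLVER_SYMBOLS = (b"res_send", b"res_query", b"res_search",
                    b"gethostbyname", b"gethostbyaddr", b"dn_expand")
PT_DYNAMIC, PT_INTERP = 2, 3


def elf_segment_types(data):
    """Return the p_type of every program header, or None if data is not ELF."""
    if len(data) < 52 or data[:4] != b"\x7fELF":
        return None
    is64 = data[4] == 2                       # EI_CLASS: 1 = 32-bit, 2 = 64-bit
    if is64 and len(data) < 64:
        return None
    end = "<" if data[5] == 1 else ">"        # EI_DATA: 1 = little, 2 = big endian
    phoff, = struct.unpack_from(end + ("Q" if is64 else "I"), data, 32 if is64 else 28)
    phentsize, phnum = struct.unpack_from(end + "HH", data, 54 if is64 else 42)
    offs = (phoff + i * phentsize for i in range(phnum))
    return [struct.unpack_from(end + "I", data, o)[0] for o in offs if o + 4 <= len(data)]


def classify(data):
    """Return 'not-elf', 'dynamic', 'static' or 'static+resolver' for a file's bytes."""
    types = elf_segment_types(data)
    if types is None:
        return "not-elf"
    # A dynamically linked file picks up the patched libc at load time.
    # Static-PIE executables also carry PT_DYNAMIC and are not covered here.
    if PT_INTERP in types or PT_DYNAMIC in types:
        return "dynamic"
    return "static+resolver" if any(s in data for s in RESOLVER_SYMBOLS) else "static"


if __name__ == "__main__":
    # Usage: python3 script.py DIR [DIR ...]  (lists static binaries to review)
    for root in sys.argv[1:]:
        for d, _, files in os.walk(root):
            for name in files:
                path = os.path.join(d, name)
                if not os.path.isfile(path):
                    continue
                try:
                    with open(path, "rb") as f:
                        kind = classify(f.read())
                except OSError:
                    continue
                if kind.startswith("static"):
                    print(kind, path)
```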