Code Red : Stack Smash in bind 9.3.3
Ajith Vargese Thampi
ajith.thampi at gmail.com
Tue Jan 2 09:51:26 UTC 2007
Dec 29 09:52:01 mail named[26235]: starting BIND 9.3.3 -u named -c
/etc/named.conf -t /var/lib/named/chroot
Dec 29 09:52:01 mail named[26235]: loading configuration from
'/etc/named.conf'
Dec 29 09:52:01 mail named[26235]: no IPv6 interfaces found
Dec 29 09:52:01 mail named[26235]: listening on IPv4 interface lo,
127.0.0.1#53
Dec 29 09:52:01 mail named[26235]: listening on IPv4 interface eth0,
159.xxxx#53
Dec 29 09:52:01 mail named[26235]: listening on IPv4 interface eth1,
159.zzzzz#53
Dec 29 09:52:01 mail named[26235]: command channel listening on
127.0.0.1#953
Dec 29 09:52:01 mail named: named startup succeeded
Dec 29 09:52:01 mail named: stack smashing attack in function query_find
The server handles external zones (recursive queries)
correctly, but it crashes on the first query to one of the zones it is master
for. The error is:
named: stack smashing attack in function query_findAborted
Stack Smash Protector has been compiled into the GCC which detects any stack
based anomalies in the code.
Reference: http://gcc.fyxm.net/summit/2003/Stackguard.pdf
On 1/1/07, Danny Mayer <mayer at ntp.isc.org> wrote:
>
> Ajith Vargese Thampi wrote:
> > It seems there is a stack smash detected in the latest bind version.
> > *smashing attack in function query_find*
> > Anyone notice this?
> >
>
> What's a smashing attack and what are you seeing? Is this an error
> message or something else? There is no such message in the bind 9.3.3
> sources that I could find. Please include complete messages in your
> questions along with a description of how you are seeing this.
>
> Danny
>
--
Thanks and Regards
Aristo
Mob # +91 9980089699
Registered Linux User #415170
More information about the bind-users
mailing list