Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 19 Sep 2012 07:31:12 GMT
From:      Alexey <alexey@kouznetsov.com>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   bin/171765: Bind security problem: A Specially Crafted Resource Record Could Cause named to Terminate
Message-ID:  <201209190731.q8J7VCo2079938@red.freebsd.org>
Resent-Message-ID: <201209190740.q8J7eApA071241@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         171765
>Category:       bin
>Synopsis:       Bind security problem: A Specially Crafted Resource Record Could Cause named to Terminate
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Sep 19 07:40:10 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator:     Alexey
>Release:        Any supported
>Organization:
>Environment:
ISC Bind related, included in base system.
>Description:
http://www.isc.org/software/bind/advisories/cve-2012-4244

-cut-
A nameserver can be caused to exit with a REQUIRE exception if it can be induced to load a specially crafted resource record.

If a record with RDATA in excess of 65535 bytes is loaded into a nameserver, a subsequent query for that record will cause named to exit with an assertion failure.

Please Note: Versions of BIND 9.4 and 9.5 are also affected, but these branches are beyond their "end of life" (EOL) and no longer receive testing or security fixes from ISC.

This vulnerability can be exploited remotely against recursive servers by inducing them to query for records provided by an authoritative server. It affects authoritative servers if a zone containing this type of resource record is loaded from file or provided via zone transfer.
-cut-
>How-To-Repeat:

>Fix:
ISC released patches for the problem. Merge patches to the source tree .

BIND versions where problem fixed:
BIND 9 version 9.7.7, 9.7.6-P3
BIND 9 version 9.6-ESV-R8, 9.6-ESV-R7-P3
BIND 9 version 9.8.4, 9.8.3-P3
BIND 9 version 9.9.2, 9.9.1-P3

port versions already updated. Problem still in main base.

>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201209190731.q8J7VCo2079938>