From owner-freebsd-questions Sat Apr 25 13:30:45 1998
Return-Path:
Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id NAA11467 for freebsd-questions-outgoing; Sat, 25 Apr 1998 13:30:45 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from java.dpcsys.com (java.dpcsys.com [206.16.184.7]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA11461 for ; Sat, 25 Apr 1998 13:30:38 -0700 (PDT) (envelope-from dan@dpcsys.com)
Received: from localhost (dan@localhost) by java.dpcsys.com (8.8.7/8.8.2) with SMTP id NAA09763; Sat, 25 Apr 1998 13:31:42 -0700 (PDT)
Date: Sat, 25 Apr 1998 13:31:42 -0700 (PDT)
From: Dan Busarow
To: Joao Carlos
cc: questions@FreeBSD.ORG
Subject: Re: BIND
In-Reply-To: <199804252111.SAA10631@unix2.bahianet.com.br>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Sat, 25 Apr 1998, Joao Carlos wrote:

> I received this message:
>
> >>CERT* Advisory CA-98.05
> >>Original issue date: April 08, 1998
> >>
> >>Topic: Multiple Vulnerabilities in BIND
> >> 1. Inverse Query Buffer Overrun in BIND 4.9 and BIND 8 Releases

I stand corrected. ISC is usually more open about exploits and
makes the fixes prominent on their web site. The new releases
aren't exactly hidden but the old versions are available from the
main bind page which is unusual.

A little more digging shows that the inverse query exploit would not
work on a normal 8.x named since inverse queries are turned off by
default. The same is probably true for 4.9.6 but since I don't use
it I didn't dig in there.
[it is, see the CERT advisory snippet below]

The fixed versions are 8.1.2 and 4.9.7 and are available at
http://www.isc.org/new-bind.html

> >> Disabling inverse queries
> >> -------------------------
> >>
> >> BIND 8
> >> Disable inverse queries by editing named.conf so that either there
> >> is no "fake-iquery" entry in the "options" block or the entry is
> >> "fake-iquery no;"
> >>
> >> BIND 4.9
> >> Disable inverse queries by editing named.boot, removing any
> >> "fake-iquery" entries on "options" lines. Look at conf/options.h
> >> in the source. If INVQ has been defined, comment it out and then
> >> rebuild and reinstall the server.
> >>
> >> Note: Disabling inverse query support can break ancient versions of
> >> nslookup. If nslookup fails, replace it with a version from any
> >> BIND 4.9 or BIND 8 distribution.
> >>
> >> Fixing the Inverse Query Code

Thanks,
Dan
--
 Dan Busarow                                            714 443 4172
 DPC Systems / Beach.Net                              dan@dpcsys.com
 Dana Point, California  83 09 EF 59 E0 11 89 B4   8D 09 DB FD E1 DD 0C 82

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
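
Added example, not part of the original message or the CERT advisory: a Python check of the three places the quoted advisory names (the named.conf "options" block, "options" lines in named.boot, and INVQ in conf/options.h). The function names and sample inputs are constructed for illustration, and ';' is assumed to start a comment in named.boot.

```python
import re

def _options_body(conf):
    """Return the text inside the top-level options { ... } block, or ''."""
    m = re.search(r"\boptions\s*\{", conf)
    if not m:
        return ""
    depth = 1
    for i in range(m.end(), len(conf)):
        depth += {"{": 1, "}": -1}.get(conf[i], 0)
        if depth == 0:
            return conf[m.end():i]
    return conf[m.end():]  # unterminated block: inspect what is there

def bind8_iquery_enabled(named_conf):
    """BIND 8: safe only if fake-iquery is absent or set to 'no'."""
    # Strip /* */, // and # comments (markers inside quoted strings not handled).
    conf = re.sub(r"/\*.*?\*/", "", named_conf, flags=re.S)
    conf = re.sub(r"(//|#).*", "", conf)
    m = re.search(r"\bfake-iquery\s+([^;\s]+)\s*;", _options_body(conf))
    return m is not None and m.group(1).lower() != "no"

def bind4_iquery_enabled(named_boot):
    """BIND 4.9: any 'fake-iquery' word on an 'options' line enables it."""
    for line in named_boot.splitlines():
        words = line.split(";", 1)[0].lower().split()  # ';' comment assumed
        if words[:1] == ["options"] and "fake-iquery" in words[1:]:
            return True
    return False

def invq_defined(options_h):
    """conf/options.h: True if '#define INVQ' is not commented out."""
    src = re.sub(r"/\*.*?\*/", "", options_h, flags=re.S)
    return re.search(r"^\s*#\s*define\s+INVQ\b", src, flags=re.M) is not None

# Constructed sample inputs, not taken from any real server.
CONF_BAD = 'options {\n  directory "/etc/namedb";\n  listen-on { 10.0.0.1; };\n  fake-iquery yes;\n};\n'
CONF_OK = 'options {\n  directory "/etc/namedb";\n  // fake-iquery yes;\n  fake-iquery no;\n};\n'
BOOT_BAD = "directory /etc/namedb\noptions no-recursion fake-iquery\n"
BOOT_OK = "directory /etc/namedb\n; options fake-iquery\noptions no-recursion\n"
HDR_BAD = "#define INVQ /* inverse queries */\n"
HDR_OK = "/*#define INVQ*/\n"

if __name__ == "__main__":
    for name, hit in [("named.conf", bind8_iquery_enabled(CONF_BAD)),
                      ("named.boot", bind4_iquery_enabled(BOOT_BAD)),
                      ("options.h", invq_defined(HDR_BAD))]:
        print(name, "inverse queries enabled" if hit else "ok")
```

A clean result from these checks only covers the workaround; the fixed releases named in the message are still the actual remedy.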