|
Message-ID: <20090729092009.GB28200@ngolde.de>
Date: Wed, 29 Jul 2009 11:20:09 +0200
From: Nico Golde <oss-security+ml@...lde.de>
To: oss-security@...ts.openwall.com
Cc: Vincent Danen <vdanen@...hat.com>
Subject: Re: debian bug report on bind9 DoS
Hi,
* Robert Buchholz <rbu@...too.org> [2009-07-29 00:13]:
> On Tuesday 28 July 2009, Vincent Danen wrote:
> > I don't think
> > it's a huge problem with a well-secured bind9 configuration, but
> > could be quite problematic for bind config's that allow updates
> > without an RNDC key (typical of some dynamic DNS implementations), or
> > on a system that has lax enough permissions that the RNDC key is
> > exposed.
>
> The crash is not limited to configurations that allow updates.
Confirmed.
> The ISC advisory states so as well, and I could reproduce the DoS on a
> static named instance by removing the "$packet->sign_tsig(...)" line in
> the exploit. So the scope of this issue is wider than apparent from
> the original report.
Hmm I'd consider that a bug as well or is there a reason why
bind shouldn't verify update's authorization before
processing them?
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion@...ber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.