Date: Mon, 13 Nov 2000 16:59:28 -0700
From: Caldera Support Info <sup-info@locutus4.calderasystems.com>
To: announce@lists.calderasystems.com, bugtraq@securityfocus.com,
Subject: Security Update: DoS attack against named


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________
		   Caldera Systems, Inc.  Security Advisory

Subject:		DoS attack against named
Advisory number: 	CSSA-2000-040.0
Issue date: 		2000 November, 10
Cross reference:
______________________________________________________________________________


1. Problem Description

   There's a bug in named's handling of compressed zone transfers
   (ZXFR) that causes it to crash under certain circumstances.
   At the very least, this is a denial of service attack. As the
   bug is still being investigated, it cannot be ruled out that
   this bug has a more severe security impact.

   This bug affects you _only_ if you are running named and act
   as the primary name server for one or more zones. It does not
   affect you if you merely run named in forwarding mode.

2. Vulnerable Versions

   System                       Package
   -----------------------------------------------------------
   OpenLinux Desktop 2.3        All packages previous to
                                bind-8.2.2p7-1

   OpenLinux eServer 2.3        All packages previous to
   and OpenLinux eBuilder       bind-8.2.2p7-1

   OpenLinux eDesktop 2.4       All packages previous to
                                bind-8.2.2p7-1

3. Solution

   Workaround:

   As a minimum, you should restrict zone transfers to those hosts
   that actually act as your secondary name servers. You can
   do this by adding an "allow-transfer" statement to each zone
   you act as a primary for. For instance,

       zone "foobar.com" {
           type            master;
           file            "foobar.com";
           // each address in the list, and the zone block itself,
           // must be terminated with a semicolon
           allow-transfer  { 192.168.1.1; 192.168.3.17; };
       };

   This will not completely protect you from the ZXFR attack,
   but now the only sites able to perform it are those listed
   in the allow-transfer clause.
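   To check that the workaround above has actually been applied to every
   zone you are primary for, the following audit script walks a named.conf
   and reports master zones whose zone transfers are still open to anyone.
   It is an added example, not code from Caldera or from the BIND
   distribution; the sample configuration and the zone names in it
   (foobar.com, example.test, secondary.test) are constructed for the
   demonstration, and the parser understands only the subset of named.conf
   syntax needed here (options and zone blocks, comments in the #, // and
   /* */ styles).

```python
"""Audit a BIND named.conf for master zones that allow zone transfers
from any host (no effective allow-transfer restriction).

Added example; not part of the Caldera advisory or of BIND. It handles
only top-level `options { ... };` and `zone "name" { ... };` blocks and
the `type` / `allow-transfer` statements inside them.
"""
import re
import sys

# Constructed sample named.conf: one restricted master zone, one master
# zone with no allow-transfer at all, and one slave zone (not a primary).
SAMPLE_NAMED_CONF = """
options {
    directory "/var/named";
};

zone "foobar.com" {
    type            master;
    file            "foobar.com";
    allow-transfer  { 192.168.1.1; 192.168.3.17; };
};

// no allow-transfer here: any host may request AXFR/ZXFR of this zone
zone "example.test" {
    type    master;
    file    "example.test";
};

zone "secondary.test" {
    type    slave;
    file    "secondary.test";
    masters { 192.168.1.1; };
};
"""


def strip_comments(text):
    """Remove /* */, // and # comments, all of which named.conf allows."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#).*", "", text)


def parse_blocks(text):
    """Yield (keyword, name, body) for each top-level `keyword ["name"] { body };`.
    Braces are matched by counting so nested address lists stay in the body."""
    text = strip_comments(text)
    header = re.compile(r'\s*([a-z-]+)\s*(?:"([^"]*)")?\s*\{', re.I)
    pos = 0
    while True:
        m = header.search(text, pos)
        if not m:
            return
        depth, i = 1, m.end()
        while depth and i < len(text):
            if text[i] == "{":
                depth += 1
            elif text[i] == "}":
                depth -= 1
            i += 1
        yield m.group(1).lower(), m.group(2), text[m.end():i - 1]
        pos = i


def zone_statements(body):
    """Map each `keyword argument;` statement in a block body to its argument
    text; a braced argument such as an address list is kept whole."""
    stmts = {}
    for m in re.finditer(r"([a-z-]+)\s*([^;{]*(?:\{[^}]*\}\s*)?);", body, re.I):
        stmts[m.group(1).lower()] = m.group(2).strip()
    return stmts


def transfer_restricted(stmts):
    """True if an allow-transfer statement is present and is not `any`."""
    acl = stmts.get("allow-transfer")
    return acl is not None and not re.search(r"\bany\b", acl)


def unrestricted_master_zones(conf_text):
    """Return the names of master zones that any host may transfer: no
    allow-transfer of their own and none inherited from `options`, or an
    allow-transfer that explicitly permits `any`."""
    options, zones = {}, []
    for keyword, name, body in parse_blocks(conf_text):
        if keyword == "options":
            options = zone_statements(body)
        elif keyword == "zone":
            zones.append((name, zone_statements(body)))
    flagged = []
    for name, stmts in zones:
        if stmts.get("type", "").lower() != "master":
            continue  # slave, stub and hint zones are not primaries
        # a zone-level allow-transfer overrides the global one
        effective = stmts if "allow-transfer" in stmts else options
        if not transfer_restricted(effective):
            flagged.append(name)
    return flagged


if __name__ == "__main__":
    # pass a real named.conf path as the first argument, else use the sample
    conf = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_NAMED_CONF
    for zone in unrestricted_master_zones(conf):
        print(f"master zone {zone!r} has no allow-transfer restriction")
```

   On the constructed sample the script reports only example.test: foobar.com
   carries its own allow-transfer list, and secondary.test is a slave zone and
   so not covered by the workaround. A global allow-transfer in the options
   block counts as protecting a zone unless that zone overrides it with `any`.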

4. OpenLinux Desktop 2.3

   4.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/RPMS/

       The corresponding source code package can be found at:

       ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/SRPMS

   4.2 Verification

       9d8429f25c5fb3bebe2d66b1f9321e61  RPMS/bind-8.2.2p7-1.i386.rpm
       0e958eb01f40826f000d779dbe6b8cb3  RPMS/bind-doc-8.2.2p7-1.i386.rpm
       866ff74c77e9c04a6abcddcc11dbe17b  RPMS/bind-utils-8.2.2p7-1.i386.rpm
       6a545924805effbef01de74e34ba005e  SRPMS/bind-8.2.2p7-1.src.rpm           

   4.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

	  rpm -Fhv bind-*.i386.rpm

5. OpenLinux eServer 2.3 and OpenLinux eBuilder for ECential 3.0

   5.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/RPMS/

       The corresponding source code package can be found at:

       ftp://ftp.calderasystems.com/pub/updates/eServer/2.3/current/SRPMS

   5.2 Verification

       379c4328604b4491a8f3d0de44e42347  RPMS/bind-8.2.2p7-1.i386.rpm
       b428b824c8b67f2d8d4bf53738a3e7e0  RPMS/bind-doc-8.2.2p7-1.i386.rpm
       28311d630281976a870d38abe91f07fb  RPMS/bind-utils-8.2.2p7-1.i386.rpm
       6a545924805effbef01de74e34ba005e  SRPMS/bind-8.2.2p7-1.src.rpm           

   5.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

	  rpm -Fhv bind-*.i386.rpm

6. OpenLinux eDesktop 2.4

   6.1 Location of Fixed Packages

       The upgrade packages can be found on Caldera's FTP site at:

       ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/RPMS/

       The corresponding source code package can be found at:

       ftp://ftp.calderasystems.com/pub/updates/eDesktop/2.4/current/SRPMS

   6.2 Verification

       c37b6673cc9539e592013ac114846940  RPMS/bind-8.2.2p7-1.i386.rpm
       bbe0d7e317fde0d47cba1384f6d4b635  RPMS/bind-doc-8.2.2p7-1.i386.rpm
       5c28dd5641a4550c03e9859d945a806e  RPMS/bind-utils-8.2.2p7-1.i386.rpm
       6a545924805effbef01de74e34ba005e  SRPMS/bind-8.2.2p7-1.src.rpm           

   6.3 Installing Fixed Packages

       Upgrade the affected packages with the following commands:

	  rpm -Fhv bind-*.i386.rpm

7. References

   This and other Caldera security resources are located at:

   http://www.calderasystems.com/support/security/index.html

   This security fix closes Caldera's internal Problem Report 8230.

8. Disclaimer

   Caldera Systems, Inc. is not responsible for the misuse of any of the
   information we provide on this website and/or through our security
   advisories. Our advisories are a service to our customers intended to
   promote secure installation and use of Caldera OpenLinux.

______________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE6DAn118sy83A/qfwRAiiBAKC/0WNCkfDJoHDjfuMgY1mQFWZ4awCgisAp
dhuUp0QpTBKLAN15sdIadPE=
=3IEb
-----END PGP SIGNATURE-----