| Summary: | BIND denial of service (server crash) caused by receipt of a specific remote dynamic update message. | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Dan Reidy <dubkat> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED DUPLICATE | ||
| Severity: | critical | ||
| Priority: | High | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | All | ||
| URL: | https://www.isc.org/node/474 | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
*** This bug has been marked as a duplicate of bug 279508 *** |
(taken directly from the isc.org post) Description: Urgent: this exploit is public. Please upgrade immediately. Receipt of a specially-crafted dynamic update message may cause BIND 9 servers to exit. This vulnerability affects all servers – it is not limited to those that are configured to allow dynamic updates. Access controls will not provide an effective workaround. dns_db_findrdataset() fails when the prerequisite section of the dynamic update message contains a record of type “ANY” and where at least one RRset for this FQDN exists on the server. db.c:659: REQUIRE(type != ((dns_rdatatype_t)dns_rdatatype_any)) failed exiting (due to assertion failure). Workarounds: None. (Some sites may have firewalls that can be configured with packet filtering techniques to prevent nsupdate messages from reaching their nameservers.) Active exploits: An active remote exploit is in wide circulation at this time. Solution: Upgrade BIND to one of 9.4.3-P3, 9.5.1-P3 or 9.6.1-P1. These versions can be downloaded from: http://ftp.isc.org/isc/bind9/9.6.1-P1/bind-9.6.1-P1.tar.gz http://ftp.isc.org/isc/bind9/9.5.1-P3/bind-9.5.1-P3.tar.gz http://ftp.isc.org/isc/bind9/9.4.3-P3/bind-9.4.3-P3.tar.gz Acknowledgement: Matthias Urlichs Revision History: 2009-07-28 Initial text Reproducible: Didn't try Steps to Reproduce: