First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 146486
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Rajiv Aaron Manglani <rajiv@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
bind-9.3.2-r4.ebuild.diff bind-9.3.2-r4.ebuild.diff patch Markus Ullmann 2006-09-07 14:46 0000 757 bytes Details | Diff
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 146486 depends on: Show dependency tree
Bug 146486 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2006-09-05 18:09 0000 
From:     Mark_Andrews@isc.org
        Subject:        Internet Systems Consortium Security Advisory.
        Date:   September 5, 2006 7:36:06 PM EDT
        To:       bind-announce@isc.org


                Internet Systems Consortium Security Advisory.
                   BIND 9: Multiple DoS vulnerabilities
                            5 September 2006

Versions affected:
        BIND 9.3.0, BIND 9.3.1, BIND 9.3.2, BIND 9.3.3b1 and BIND 9.3.3rc1
        BIND 9.4.0a1, 9.4.0a2, 9.4.0a3, 9.4.0a4, 9.4.0a5, 9.4.0a6 and
             9.4.0b1.
        See note for BIND 9.2.x
Severity: HIGH
Exploitable: Remotely
Type: DoS

SIG Query Processing (CVE-2006-4095):

        Recursive servers:

        Queries for SIG records will trigger a assertion failure if
        more than one SIG(covered) RRset is returned.

        Exposure can be minimized by restricting sources that can
        ask for recursion.

        Authoritative servers:

        If a nameserver is serving a RFC 2535 DNSSEC zone and is
        queried for the SIG records where the are multiple SIG(covered)
        RRsets (e.g. a zone apex) then named will trigger a assertion
        failure when it trys to construct the response.

Excessive Recursive Queries INSIST failure (CVE-2006-4096):

        It is possible to trigger a INSIST failure by sending enough
        recursive queries that the response to the query arrives after
        all the clients looking for the response have left the recursion
        queue.

        Exposure can be minimized by restricting sources that can
        ask for recursion.

        Note for BIND 9.2.x:
        Code handling this path for 9.2.x has been determined to be wrong,
        though ISC has not been able to detect an execution path that would
        trigger the erroneous code in 9.2.x.
        Nonetheless a patch is provided.

Fix:
        Upgrade to BIND 9.4.0b2, BIND 9.3.3rc2, BIND 9.3.2-P1, BIND 9.2.7rc1
        or BIND 9.2.6-P1 (or later).

        These can be found via: http://www.isc.org/sw/bind/

------- Comment #1 From Raphael Marichez 2006-09-06 03:06:29 0000 ------- 
Thanks Raviv

Voxus, please bump 9.3.2-p1 please, see
http://www.isc.org/sw/bind/bind9.3.php#security

------- Comment #2 From Sune Kloppenborg Jeppesen 2006-09-06 03:29:13 0000 ------- 
Note that CVE-2006-2073 seems to be still unfixed on bug #131337.

------- Comment #3 From Sune Kloppenborg Jeppesen 2006-09-06 23:12:53 0000 ------- 
*** Bug 146632 has been marked as a duplicate of this bug. ***

------- Comment #4 From Sune Kloppenborg Jeppesen 2006-09-06 23:13:58 0000 ------- 
Pulling in herd.

------- Comment #5 From Raphael Marichez 2006-09-07 04:05:36 0000 ------- 
> Note that CVE-2006-2073 seems to be still unfixed on bug #131337.

yes but CVE-2006-2073, a different issue, remains unpatched and has a weaker
gravity. It is very hard to exploit.

BTW, this current bug can be trivially triggered, we need an update asap.

------- Comment #6 From Markus Ullmann 2006-09-07 14:46:21 0000 ------- 
Created an attachment (id=96326) [details]
bind-9.3.2-r4.ebuild.diff

As I've been affected, I investigated needed steps and this small ebuild diff
made it for me

------- Comment #7 From Raphael Marichez 2006-09-08 05:21:37 0000 ------- 
> bind-9.3.2-r4.ebuild.diff


thanks, i'm using it now.

Bind team, please advise

------- Comment #8 From Konstantin Arkhipov 2006-09-11 02:47:38 0000 ------- 
committed 9.2.6-r4 and 9.3.2-r4
tested on x86 and ~amd64

------- Comment #9 From Sune Kloppenborg Jeppesen 2006-09-11 02:51:11 0000 ------- 
Thx Konstantin.

Arches please test and mark stable.

------- Comment #10 From Konstantin Arkhipov 2006-09-11 06:47:19 0000 ------- 
amd64 stable.

------- Comment #11 From Tobias Scherbaum 2006-09-11 09:44:30 0000 ------- 
ppc stable

------- Comment #12 From Markus Rothe 2006-09-11 13:28:10 0000 ------- 
ppc64 stable

------- Comment #13 From Jason Wever (RETIRED) 2006-09-11 18:13:36 0000 ------- 
S
 P
  A
   R
    C

S
 T
  A
   B
    L
     E

------- Comment #14 From Thomas Cort (RETIRED) 2006-09-12 07:40:17 0000 ------- 
alpha stable.

------- Comment #15 From Matthias Geerdsen 2006-09-12 08:03:06 0000 ------- 
for some reason x86 wasn't added to CC... fixing

hppa, x86 pls test an mark 9.2.6-r4 and 9.3.2-r4 stable if possible

------- Comment #16 From Tony Vroon 2006-09-12 09:12:27 0000 ------- 
X86 stable. Bind passes collision test, 9.3.2-r4 tested in production.

------- Comment #17 From Raphael Marichez 2006-09-14 01:34:02 0000 ------- 
HPPA team, any trouble here ?

------- Comment #18 From Gustavo Zacarias (RETIRED) 2006-09-14 10:34:05 0000 ------- 
killerfox is probably away so i took it.
hppa stable.

------- Comment #19 From Sune Kloppenborg Jeppesen 2006-09-14 15:50:22 0000 ------- 
This one is ready for GLSA.

------- Comment #20 From Raphael Marichez 2006-09-15 05:10:57 0000 ------- 
welcome to GLSA 200609-11!
First Last Prev Next    No search results available      Search page      Enter new bug