[1993] in Release_7.7_team
denial of service attack for BIND 8.1 nameds
daemon@ATHENA.MIT.EDU (Garry Zacheiss)
Wed Nov 10 22:12:46 1999
Message-Id: <199911110312.WAA08941@x15-cruise-basselope.mit.edu>
To: ops@MIT.EDU, release-team@MIT.EDU
Date: Wed, 10 Nov 1999 22:12:32 -0500
From: Garry Zacheiss <zacheiss@MIT.EDU>
A denial of service attack was announced two days ago that
allows attackers to remotely crash a running named. More information on
this is available at:
http://www.isc.org/products/BIND/bind-security-19991108.html
Since the workaround is simple, we should think about getting
the workaround into a patch release of 8.3 (maybe the one going out on
Monday) and fixing the problem on as many running servers as possible.
Garry
Here's the brief description:
Versions affected: 8.1, 8.1.1, 8.1.2, 8.2, 8.2 patchlevel 1
Severity: SERIOUS
Exploitable: Remotely
Type: Denial of service
Description
A bug in the handling of file descriptors results in a vulnerability
that will crash the DNS server when more than FD_SETSIZE descriptors
are consumed.
Workarounds:
Set { files #; } where # is less than FD_SETSIZE (as typically found
in /usr/include/sys/select.h) in in the "options" section of named.conf
Active Exploits:
Scripts are available which can implement this attack.