[19048] in bugtraq
yes, it seems NMAP can trivially crash BIND-9.1.0,
daemon@ATHENA.MIT.EDU (Greg A. Woods)
Tue Feb 6 18:32:31 2001
Message-Id: <20010206214335.841E98C@proven.weird.com>
Date: Tue, 6 Feb 2001 16:43:35 -0500
Reply-To: "Greg A. Woods" <woods@planix.com>
From: "Greg A. Woods" <woods@WEIRD.COM>
To: BUGTRAQ@SECURITYFOCUS.COM

Hmmm... I tried that little 'nmap -O -sT proven' trick, i.e. against my
development machine on which I run BIND-9.1.0, and what do you know but
named drops out almost immediately with a SIGBUS:

Feb 6 13:28:19 proven /netbsd: named: pid 14653 [eid 32771:40, rid 32771:40] sent signal 6: was set-id, core dump not permitted [in /etc/namedb]

This is a NetBSD-1.5F (approx.) i386 machine and BIND-9.1.0 was compiled
and installed via the NetBSD pkgsrc/net/bind9 module.

Now if I get time tonight I'll try again with the debugger attached and
see exactly where it's going down, but I suspect others are doing / have
done that.....

--
Greg A. Woods
+1 416 218-0098 VE3TCP <gwoods@acm.org> <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>