[19060] in bugtraq


Re: Bug in Bind 9.1.0? [Summary]

daemon@ATHENA.MIT.EDU (Ben Greenbaum)
Wed Feb 7 13:51:21 2001

Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id:  <Pine.GSO.4.30.0102071044560.8311-100000@mail>
Date:         Wed, 7 Feb 2001 10:52:24 -0700
Reply-To: Ben Greenbaum <bgreenbaum@SECURITYFOCUS.COM>
From: Ben Greenbaum <bgreenbaum@SECURITYFOCUS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM

More repro reports. If no credit is given it is because the report was
emailed to me and not the list, and I don't want to get anybody in
trouble...

-------------------------------
I have tried nmap -O -sT -p 53 against a few hosts under my thumbs:
most hosts are Linux 2.2, but one is a FreeBSD 4.1 machine.
All hosts run BIND-9.1.0. None was vulnerable.


----------------------------------------
From: Marcelo Bartsch <bartschm@psi.com>

nmap O -sT -p 53 against bind 9.1.0 on Solaris 2.7 does no damage; bind
keeps running.


----------------------------------------------
From: Ari Gordon-Schlosberg <regs@nebcorp.com>

RedHat 6.2, with the stock 2.2.14-5 kernel, Bind 9.1.0 built with
'./configure ; make ; make install' doesn't appear to be vulnerable.

However, one thing confused me:  The initial report said the command was
'nmap O -sT'.  That's not a legal nmap command.  Was it supposed to be 'nmap
-O'?

---------------------------------------------------
From: Richard Lindahl <tomte@beavis.ulkhyvlers.net>

I am running OpenBSD 2.8 on an old AMD machine along with bind-9.1.0,
and I am not experiencing any problems. The nmap -O -sT scan did not
crash named for me. Maybe I am just lucky, or OpenBSD 2.8 i386 isn't
vulnerable in this case?

-------------------------------------
From: Jerry Walsh <jerry@aardvark.ie>

I could reproduce this on OpenBSD 2.6 running Bind 9.1 and nmap V. 2.53
using:

nmap -O -sT -p 53 foo.nameserver.com

It crashed named every time.

And now you wonder why there's a ``keep-running'' script in the bin
directory ;)

--------------------------------------------------
From: "Maarten Van Horenbeeck" <maarten@daemon.be>

No problems on the following systems:

RedHat 6.2 standard install, bind-9.1.0 built from tarball
Debian 2.2 standard install, bind-9.1.0 built from tarball
Slackware 7, standard install, bind-9.1.0 built from tarball

Kernel on all of these boxes is 2.2.17 for RedHat & Debian, 2.4 on the
Slackware machine.


-------------------------------------------
From: "Branden R. Williams" <brw@webce.com>

On an upgraded RedHat Linux 7.0 system with a compiled version of Bind
9.1.0, the nmap causes a crash.  Here is what is in the logs.

Feb 7 09:21:15 XX named[223]: connection.c:420: INSIST(sent_bytes == connection->out_bytes && sent_bytes == isc_bufferlist_usedcount(&bufferlist)) failed
Feb 7 09:21:15 XX named[223]: exiting (due to assertion failure)



Ben Greenbaum
Director of Site Content
SecurityFocus
http://www.securityfocus.com
