[17574] in bugtraq
Re: BIND 8.2.2-P5 Possible DOS
daemon@ATHENA.MIT.EDU (Martin McFlySr)
Thu Nov 9 03:06:15 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <5229790120.20001109010001@McFlySr.Kurgan.Ru>
Date: Thu, 9 Nov 2000 01:00:01 +0300
Reply-To: Martin McFlySr <Martin@McFlySr.Kurgan.Ru>
From: Martin McFlySr <Martin@McFlySr.Kurgan.Ru>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.LNX.4.30.0011071339510.29294-100000@naif.inet.it>
Hello Fabio Pietrosanti (naif),
Tuesday, November 07, 2000, 15:40:49, you wrote:
FPn> Then the server "*** CRASHED ***" .
FPn> I should assume that bind 8.2.2-P5 it's vulnerable ( Please someone
FPn> test and confirm this kind of dos)
...
FPn> A lot of DNS Server are misconfigured, and allow zone-transfer to any,
FPn> so they are dossable...
Yes, 8.2.2 is vulnerable. With "allow-transfer" or without it.
If 8.2.2 havent a "allow-tranfer", request from any host can crash bind.
If 8.2.2 have a "allow-tranfer", request from any host (from
"allow-tranfer" list can crash bind.
--
Thursday, November 09, 2000,
00:49
Best regards from future,
Martin McFlySr, HillDale.
