[2828] in SIPB_Linux_Development


Re: 4.2 in a BIND catch-22

daemon@ATHENA.MIT.EDU (Garry Zacheiss)
Fri Nov 12 00:59:15 1999

Date: Fri, 12 Nov 1999 00:58:58 -0500 (EST)
From: Garry Zacheiss <zacheiss@MIT.EDU>
To: amu@MIT.EDU (Aaron M. Ucko)
Cc: linux-dev@MIT.EDU
In-Reply-To: "[2826] in SIPB_Linux_Development"


>> Anyone have suggestions on what to do (other than desupporting 4.2,
>> which we ought to do soon *anyway*)?

   Of the recently announced vulnerabilities, the most serious one (the
remote root exploit based on the handling of NXT records) affects only
BIND 8.2.  Of the denial of service attacks that affect 8.1, there is
only one that both is guaranteed to cause named to exit and is trivially
exploitable; this is the "fdmax bug", and it can be easily worked around
in named.conf by adding "files 255;" to the "options" section of the
file.  The other easily exploitable bug is the "solinger bug", which has
no good workaround, and which can currently only cause named to
temporarily hang.  The remaining attacks all appear to have no known
exploits and no workarounds, anyway.

   Based on this, it seems like the best solution would be to produce
BIND 8.1.2 packages for the RedHat-Athena 4.2 systems; these packages
would both interoperate with class HS and not be vulnerable to the most
serious attacks. When these packages are announced, we should also
announce that Redhat 4.2 will no longer be supported by the SIPB as of
January 1, and that users should upgrade their systems as soon as
possible.

Garry
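
One way to check that a named.conf actually carries the "files 255;" workaround described in the message above, rather than only a commented-out copy of it. This is an added example, not part of the original message or of BIND; the function names and both sample configurations are constructed for illustration.

```python
import re

# Value the message gives for the "fdmax" workaround in the options section.
PAGE_FILES_LIMIT = "255"
COMMENT = re.compile(r'"(?:\\.|[^"\\])*"|/\*.*?\*/|//[^\n]*|#[^\n]*', re.S)
TOKEN = re.compile(r'"(?:\\.|[^"\\])*"|[{};]|[^\s{};"]+')

def strip_comments(text):
    """Drop /* */, // and # comments; quoted strings are left untouched."""
    return COMMENT.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else " ", text)

def files_limit(conf_text):
    """Return the value of `files` in the top-level options block, or None."""
    tokens = TOKEN.findall(strip_comments(conf_text))
    depth, in_options, stmt = 0, False, []
    for i, tok in enumerate(tokens):
        if tok == "{":
            if depth == 0 and i > 0 and tokens[i - 1] == "options":
                in_options = True
            depth += 1
            stmt = []
        elif tok == "}":
            depth -= 1
            in_options = in_options and depth > 0
            stmt = []
        elif tok == ";":
            # Only a two-token statement directly inside options { } counts.
            if in_options and depth == 1 and len(stmt) == 2 and stmt[0] == "files":
                return stmt[1]
            stmt = []
        else:
            stmt.append(tok)
    return None

def has_workaround(conf_text):
    """True when options contains `files` set to the value from the message."""
    return files_limit(conf_text) == PAGE_FILES_LIMIT

# Constructed sample configurations (not taken from any real host).
SAMPLE_PATCHED = """options {
    directory "/var/named";   // constructed sample
    files 255;
};
zone "example.test" { type master; file "example.test.db"; };
"""
SAMPLE_COMMENTED_OUT = """options {
    directory "/var/named";
    # files 255;
    allow-query { any; };
};
"""
```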
