Multiple DoS Vulnerabilities in the BIND 9 Software

[Kjette86]

Hello,

If you run any of following BIND software, update it asap:
BIND 9.3.0
BIND 9.3.1
BIND 9.3.2
BIND 9.3.3b1
BIND 9.3.3rc1
BIND 9.4.0a1
BIND 9.4.0a2
BIND 9.4.0a3
BIND 9.4.0a4
BIND 9.4.0a5
BIND 9.4.0a6
BIND 9.4.0b1

http://www.niscc.gov.uk/niscc/docs/r...90.pdf?lang=en
http://www.sitic.se/sr_item?item_id=176487 (SWEDISH)

The fixed version can you find here: http://www.isc.org/sw/bind/ (BIND 9.3.2-P1)

[chirpy]

Unfortunately, that information isn't much use without a properly compiled list for the comon OS's since most flavours of Linux backport fixes nowadays and the information in that report is purely for the ISC bind version, so is only relevant for people who install it from source. Do you know of a proper CVE number or bugtraq ID that would give better information?

[Kjette86]

What i found was this one:
http://www.niscc.gov.uk/niscc/docs/r...90.pdf?lang=en

http://www.isc.org/index.pl?/sw/bind/ > Check under Alerts, and you will see "(5 Sept 2006) NISCC 172003", click on that and you will come to that site.

But i just saw it was affected versions, so it could maybe be on all OS`s?
I have no idea, i just wanted to give a msg to all so they know it atleast and if it was any dangerous

[asterisk]

Are there any updates on this please? I see cPanel has issued an all-out precautionary message regarding this although it seems to apply only to FreeBSD in the warning message.

[Stephanie_R]

Code:

root@nameserver [/etc]# rpm -qa bind
bind-9.2.4-7_EL3

This is an RHE3 nameserver with cpanel, I'm assuming CentOs is also using a similar backported version.
According to Redhat's errata this has been adressed in bind-9.2.4-7_EL3 For RHE3 and 4

If anyone else has any input I'm sure we'd all like to know.

[niatech]

Anyone know if Fedora Core 2 is affected by these? (bind-9.2.3-13)?

[Stephanie_R]

Forgot to add,


There is a CVE for this here:
http://cve.mitre.org/cgi-bin/cvename...=CVE-2006-4096