den
Старожил
Зарегистрирован: 31.01.2006 Сообщения: 13870 Откуда: Кировоград, Украина
|
|
|
|
В DNS-сервере BIND версий 9.3.0—9.3.3rc1, а также 9.4.0[ab] обнаружена уязвимость при обслуживании SIG-записей для рекурсивных серверов и авторитетных с DNSSEC-зонами (CVE-2006-4095), а также в обработке INSIST при избыточных рекурсивных запросах (CVE-2006-4096); отмечается, что код в 9.2.x предположительно не подвержен данной проблеме.
Рекомендуется обновление до BIND 9.4.0b2, 9.3.3rc2, 9.3.2-P1, 9.2.7rc1, 9.2.6-P1 или более поздних.
Internet Systems Consortium Security Advisory.
BIND 9: Multiple DoS vulnerabilities
5 September 2006
Versions affected:
BIND 9.3.0, BIND 9.3.1, BIND 9.3.2, BIND 9.3.3b1 and BIND 9.3.3rc1
BIND 9.4.0a1, 9.4.0a2, 9.4.0a3, 9.4.0a4, 9.4.0a5, 9.4.0a6 and
9.4.0b1.
See note for BIND 9.2.x
Severity: HIGH
Exploitable: Remotely
Type: DoS
SIG Query Processing (CVE-2006-4095):
Recursive servers:
Queries for SIG records will trigger a assertion failure if
more than one SIG(covered) RRset is returned.
Exposure can be minimized by restricting sources that can
ask for recursion.
Authoritative servers:
If a nameserver is serving a RFC 2535 DNSSEC zone and is
queried for the SIG records where the are multiple SIG(covered)
RRsets (e.g. a zone apex) then named will trigger a assertion
failure when it trys to construct the response.
Excessive Recursive Queries INSIST failure (CVE-2006-4096):
It is possible to trigger a INSIST failure by sending enough
recursive queries that the response to the query arrives after
all the clients looking for the response have left the recursion
queue.
Exposure can be minimized by restricting sources that can
ask for recursion.
Note for BIND 9.2.x:
Code handling this path for 9.2.x has been determined to be wrong,
though ISC has not been able to detect an execution path that would
trigger the erroneous code in 9.2.x.
Nonetheless a patch is provided.
Fix:
Upgrade to BIND 9.4.0b2, BIND 9.3.3rc2, BIND 9.3.2-P1, BIND 9.2.7rc1
or BIND 9.2.6-P1 (or later).
These can be found via: www.isc.org/sw/bind/
Спасибо за информацию Max Britov.
Ссылки:
secunia.com/advisories/21752/ |
|