| Vigil@nce team describes computer vulnerabilities impacting your systems, and offers solutions to correct them. |
|
 |
|
|
|
vulnerability note CVE-2010-0213
BIND: infinite loop via RRSIG
Synthesis of the vulnerability
| An attacker can send a query for a RRSIG, in order to force BIND to indefinitely sends queries to authoritative DNS servers. |
Severity: 2/4.
Creation date: 16/07/2010.
|
Description of the vulnerability
The DNS protocol defines the RRSIG type which contains the signature of Resource Records located in the Answer and Authority sections. There are as many RRSIG as signed {name,type,class} triplets in the DNS answer.
In the normal case, when a DNS query asks a RR, the answer contains this RR and its RRSIG. However, an attacker can directly ask the RRSIG, which generates an infinite loop in the following case:
- the attacker queries a recursive DNS server, and
- the DNS server has Trust Anchors (DLV - DNSSEC Lookaside Validation), and
- the RRSIG is not already in the DNS server cache.
In this case, the DNS server indefinitely sends queries to authoritative DNS servers for the RRSIG zone.
An attacker can therefore send a query for a RRSIG, in order to force BIND to indefinitely sends queries to authoritative DNS servers. |
Complete Vigil@nce bulletin
Characteristics
Title: BIND: infinite loop via RRSIG.
Keywords: Anchors Answer Authority BIND DLV DNS DNSSEC Lookaside RRSIG Records Resource Trust Validation infinite loop.
Identifiers: BID-41730, CVE-2010-0213, FEDORA-2010-11344, VIGILANCE-VUL-9769, VU#211905.
|
Information sources
Solutions for this vulnerability
Computer vulnerabilities tracking service
The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Computer vulnerability bulletins
|
