The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Bind: denial of service via query_addsoa

Synthesis of the vulnerability 

An attacker can send two recursive queries in order to stop Bind version 9.4.0.
Impacted systems: Fedora, BIND, Mandriva Linux.
Severity of this alert: 2/4.
Creation date: 02/05/2007.
References of this alert: BID-23738, CERTA-2007-AVI-199, CVE-2007-2241, FEDORA-2007-0300, MDKSA-2007:100, VIGILANCE-VUL-6773, VU#718460.

Description of the vulnerability 

A Bind server can be configured to allow recursive queries with "recursion yes;".

In this case, an attacker can:
 - configure a DNS server with:
     subzone.example1.dom NS dnsserver.example2.dom (different domains)
     subzone.example1.dom RRSIG ... (signature)
 - send a recursive query to Bind for:
     subzone.example1.dom NS
 - send another recursive query to Bind for:
     subzone.example1.dom RRSIG
This second query generates an assertion error in the query_addsoa() function of Bind.

An attacker allowed to send recursive queries can therefore create a denial of service.

This vulnerability impacts software or systems such as Fedora, BIND, Mandriva Linux.

Our Vigil@nce team determined that the severity of this vulnerability alert is medium.

The trust level is "confirmed by the editor", and the origin of the attack is an intranet client.

An attacker with expert ability can exploit this vulnerability.

Solutions for this threat 

Bind: version 9.4.1.
Version 9.4.1 is corrected:
  ftp://ftp.isc.org/isc/bind9/9.4.1/bind-9.4.1.tar.gz
  ftp://ftp.isc.org/isc/bind9/9.4.1/BIND9.4.1.zip
  ftp://ftp.isc.org/isc/bind9/9.4.1/BIND9.4.1.debug.zip

Bind: workaround for query_addsoa.
A workaround is to deactivate recursive queries:
  recursion no;
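
The check below is an added example, not part of the original bulletin or of BIND: it reads a named.conf text and reports whether a server of the affected version still accepts recursive queries or already has the "recursion no;" workaround. The function names, status labels and sample configurations are assumptions made for illustration; "allow-recursion" is included because the bulletin limits the attack to clients allowed to send recursive queries.

```python
import re

AFFECTED_VERSION = "9.4.0"  # the only version this bulletin names as affected

def strip_comments(conf):
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)   # /* C style */
    return re.sub(r"(//|#)[^\n]*", "", conf)            # // and # to end of line

def options_body(conf):
    """Return the text inside the top-level options { ... } block ('' if absent)."""
    m = re.search(r"\boptions\s*\{", conf)
    if not m:
        return ""
    depth = 1
    for i in range(m.end(), len(conf)):
        depth += {"{": 1, "}": -1}.get(conf[i], 0)
        if depth == 0:
            return conf[m.end():i]
    return ""

def audit(conf, version):
    body = options_body(strip_comments(conf))
    rec = re.search(r"(?<![-\w])recursion\s+(yes|no)\s*;", body)
    recursion = rec.group(1) == "yes" if rec else True   # BIND recurses by default
    acl = re.search(r"\ballow-recursion\s*\{([^}]*)\}", body)
    clients = [c.strip() for c in acl.group(1).split(";") if c.strip()] if acl else None
    if version != AFFECTED_VERSION:
        status = "version-not-listed"        # bulletin only covers 9.4.0
    elif not recursion:
        status = "workaround-applied"        # "recursion no;" is in effect
    elif clients is None or "any" in clients:
        status = "exposed"                   # assumption: no ACL seen means no limit
    else:
        status = "limited-to-acl"            # still vulnerable to the listed clients
    return {"status": status, "recursion": recursion, "allow_recursion": clients}

# Constructed sample configurations (not taken from any real server)
OPEN = 'options { directory "/var/named"; recursion yes; // recursion no;\n};'
ACL = 'options { recursion yes; allow-recursion { 127.0.0.1; 192.0.2.0/24; }; };'
OFF = 'options {\n  # recursion yes;\n  recursion no;\n};'

if __name__ == "__main__":
    for name, conf in (("OPEN", OPEN), ("ACL", ACL), ("OFF", OFF)):
        print(name, audit(conf, "9.4.0"))
```

A "limited-to-acl" result narrows who can trigger the assertion but does not remove it; only the 9.4.1 upgrade or "recursion no;" does.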

Fedora 7: new bind packages.
New packages are available:

Mandriva: new bind packages.
New packages are available:
 
 Mandriva Linux 2007.1:
 Mandriva Linux 2007.1/X86_64: