DNS Vulnerabilities
Impact
There are numerous vulnerabilities in Domain Name Servers (DNS) that are
documented in the
CERT Advisories.
The two principal areas are:
- A remote intruder can gain root-level access to your name server.
- A remote intruder is able to disrupt normal operation of your name server.
Problems
BIND 4.9 releases prior to BIND 4.9.7 and BIND 8 releases prior to 8.1.2 do
not properly bounds check a memory copy when responding to an inverse query
request. An improperly or maliciously formatted inverse query on a TCP
stream can crash the server or allow an attacker to gain root privileges.
BIND 4.9 releases prior to BIND 4.9.7 and BIND 8 releases prior to 8.1.2 do
not properly bounds check many memory references in the server and the
resolver. An improperly or maliciously formatted DNS message can cause the
server to read from invalid memory locations, yielding garbage record data
or crashing the server. Many DNS utilities that process DNS messages
(e.g., dig, nslookup) also fail to do proper bounds checking.
BIND 4.9 releases and BIND 8 release prior to 8.2.2 Patch 5 have a variety of
security issues. You can review them and BIND Security.
Resolutions
To resolve these problems, upgrade to the
latest version of bind. If this is not
feasible, you can apply a patch, or use a workaround, described in the
various
CERT Advisories.
CVE Reference(s):