Vulnerability Note VU#581682
ISC BIND 8 fails to properly dereference cache SIG RR elements with invalid expiry times from the internal database
A remotely exploitable denial-of-service vulnerability exists in BIND.
A remotely exploitable denial-of-service vulnerability exists in BIND 8.2 - 8.2.6 and BIND 8.3.0 - 8.3.3. ISC's description of this vulnerability states:
It is possible to de-reference a NULL pointer for certian [sic] signature expire values.
The BIND daemon will shut down. As a result, clients will not be able to connect to the service to resolve queries.
Apply a patch from your vendor. In the absence of a patch, you may wish to consider ISC's recommendation, which is upgrading to "BIND 4.9.11, BIND 8.2.7, BIND 8.3.4 or preferably BIND 9." Additionally, ISC indicates, "BIND 4 is officially deprecated. Only security fixes will be issued for BIND 4."
Disable recursion if possible.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Apple Computer Inc.||Affected||-||02 Dec 2002|
|Nortel Networks||Affected||-||03 Dec 2002|
|Red Hat Inc.||Affected||12 Nov 2002||13 Nov 2002|
|MontaVista Software||Not Affected||12 Nov 2002||13 Nov 2002|
|Nominum||Not Affected||-||13 Nov 2002|
|Alcatel||Unknown||-||25 Feb 2003|
CVSS Metrics (Learn More)
Internet Security Systems is credited for discovering this vulnerability.
This document was written by Ian A Finlay.
- CVE IDs: CAN-2002-1221
- Date Public: 12 Nov 2002
- Date First Published: 13 Nov 2002
- Date Last Updated: 25 Feb 2003
- Severity Metric: 27.54
- Document Revision: 8
If you have feedback, comments, or additional information about this vulnerability, please send us email.