Vulnerability Note VU#938617

BIND 9.3.0 vulnerable to denial of service in validator code

Original Release date: 25 Jan 2005 | Last revised: 21 Jun 2005

Overview

A vulnerability in the BIND name server could allow a remote attacker to cause a denial of service against an affected system.

Description

The Berkeley Internet Name Domain (BIND) is a popular Domain Name System (DNS) implementation from Internet Systems Consortium (ISC). BIND supports the DNS Security Extensions (DNSSEC), including the NextSECure (NSEC) RDATA Format defined by RFC3845. An incorrect assumption in the validator function authvalidated()can result in an internal consistancy test failing and named exiting. An attacker with the ability to craft specific DNS packets could exploit this vulnerability to cause a denial of service. This vulnerability only affects BIND version 9.3.0.

Impact

A remote attacker may be able to cause the name server daemon to exit prematurely, thereby causing a denial of service for DNS operations.

Solution

Apply a patch from the vendor

Patches have been released in response to this issue. Please see the Systems Affected section of this document.

Upgrade

Users who compile their own versions of BIND from the original ISC source code are encouraged to upgrade to BIND version 9.3.1, which includes a patch for this issue.

Workarounds


ISC recommends that users that are unable to apply the patch ensure that dnssec validation is turned off (it is off by default) at the options/view level. The relevant BIND configuration directive is:

    dnssec-enable no;

Systems Affected (Learn More)

VendorStatusDate NotifiedDate Updated
FreeBSDAffected17 Jan 200521 Jun 2005
ISCAffected-25 Jan 2005
MandrakeSoftAffected17 Jan 200531 Jan 2005
Trustix Secure LinuxAffected-16 Feb 2005
Apple Computer Inc.Not Affected17 Jan 200518 Mar 2005
Check PointNot Affected17 Jan 200524 Jan 2005
DebianNot Affected17 Jan 200525 Jan 2005
HitachiNot Affected17 Jan 200520 Jan 2005
IBMNot Affected17 Jan 200524 Jan 2005
InfoBloxNot Affected04 Feb 200518 Mar 2005
Juniper NetworksNot Affected17 Jan 200524 Jan 2005
NEC CorporationNot Affected17 Jan 200518 Mar 2005
Red Hat Inc.Not Affected17 Jan 200518 Jan 2005
Sun Microsystems Inc.Not Affected17 Jan 200524 Jan 2005
AdnsUnknown17 Jan 200517 Jan 2005
If you are a vendor and your product is affected, let us know.View More »

CVSS Metrics (Learn More)

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

References

Credit

Thanks to Joao Damas of the Internet Systems Consortium for reporting this vulnerability.

This document was written by Chad Dougherty based on information provided by ISC.

Other Information

  • CVE IDs: CAN-2005-0034
  • Date Public: 25 Jan 2005
  • Date First Published: 25 Jan 2005
  • Date Last Updated: 21 Jun 2005
  • Severity Metric: 1.91
  • Document Revision: 20

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.