search menu icon-carat-right cmu-wordmark

CERT Coordination Center

ISC BIND 9 zero length rdata named vulnerability

Vulnerability Note VU#381699

Original Release Date: 2012-06-04 | Last Revised: 2012-06-04

Overview

ISC BIND 9 named contains a vulnerability that could allow a attacker to cause named to terminate unexpectedly.

Description

According to ISC's security advisory:

This problem was uncovered while testing with experimental DNS record types. It is possible to add records to BIND with null (zero length) rdata fields.

Processing of these records may lead to unexpected outcomes. Recursive servers may crash or disclose some portion of memory to the client. Secondary servers may crash on restart after transferring a zone containing these records. Master servers may corrupt zone data if the zone option "auto-dnssec" is set to "maintain". Other unexpected problems that are not listed here may also be encountered
.

Impact

According to ISC's security advisory:
This issue primarily affects recursive nameservers. Authoritative nameservers will only be impacted if an administrator configures experimental record types with no data. If the server is configured this way, then secondaries can crash on restart after transferring that zone. Zone data on the master can become corrupted if the zone with those records has named configured to manage the DNSSEC key rotation.

Solution

Apply an update

Users who obtain BIND from a third-party vendor, such as their operating system vendor, should see the vendor information portion of this document for a partial list of affected vendors.

This vulnerability is addressed in ISC BIND versions 9.6-ESV-R7-P1, 9.7.6-P1, 9.8.3-P1, or 9.9.1-P1. Users of BIND from the original source distribution should upgrade to this version.

See also https://www.isc.org/software/bind/advisories/cve-2012-1667

Vendor Information

381699
 
Affected   Unknown   Unaffected

Internet Systems Consortium

Updated:  June 04, 2012

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://www.isc.org/software/bind/advisories/cve-2012-1667


CVSS Metrics

Group Score Vector
Base 8.5 AV:N/AC:L/Au:N/C:P/I:N/A:C
Temporal 6.7 E:POC/RL:OF/RC:C
Environmental 7.7 CDP:LM/TD:H/CR:ND/IR:ND/AR:ND

References

Credit

Thanks to Internet Systems Consortium for reporting this vulnerability.

This document was written by Michael Orlando.

Other Information

CVE IDs: CVE-2012-1667
Date Public: 2012-06-04
Date First Published: 2012-06-04
Date Last Updated: 2012-06-04 17:34 UTC
Document Revision: 7

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.