[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

PISA-18-NOV-99-001

To: independence-l@independence.seul.org
Subject: PISA-18-NOV-99-001
From: cogNiTioN <cognition@bigfoot.com>
Date: Mon, 22 Nov 1999 17:22:53 +0000 (GMT)
Delivery-Date: Mon, 22 Nov 1999 11:22:49 -0500
Reply-To: independence-l@independence.seul.org
Sender: owner-independence-l@independence.seul.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

              .------------------------------------------------.
              |**** Project Independence Security Advisory ****|
              `-----------* ID: PISA-18-NOV-99-001 *-----------'
               Issued by: David Webster <cognition@bigfoot.com>

Issue Date: 18-NOV-99

Overview: Security problems in bind

Affected: Independence Release 6.0-0.8 (Redhat 6.0)

References: RedHat Security Advisory; RHSA-1999:054-01
	    http://www.isc.org/products/BIND/bind-security-19991108.html

                                  -=-=-==-=-=-

Detailed Problem Description:

	Various vulnerabilities exist in previous versions of
	bind:

	- A bug in the processing of NXT records can theoretically allow
	  a remote attacker to gain access to the DNS server as the
	  user running bind (by default, root).

	- Several remote denial-of-service attacks are possible; by
	  using abnormal TCP options, causing the DNS server to use many
	  file descriptors, or using special SIG records, it may be possible
	  to crash the DNS server.

	It is recommended that all users of bind upgrade to the latest
	packages.

	Thanks go to ISC for providing the updated packages.

Solution:

	Update the affected RPM packages by downloading and
	installing the RPMs listed below. For each RPM, run:

		root# rpm -Uvh <filename>

	where <filename> is the name of the RPM.

	[Note: You need only install EITHER the compiled RPMs,
	(*.i386.rpm) OR the source RPMs, (*.src.rpm), NOT both.]

RPMs:

  ftp://updates.redhat.com/6.1/i386/bind-8.2.2_P3-1.i386.rpm
  ftp://updates.redhat.com/6.1/i386/bind-devel-8.2.2_P3-1.i386.rpm
  ftp://updates.redhat.com/6.1/i386/bind-utils-8.2.2_P3-1.i386.rpm

Source RPMs:

  ftp://updates.redhat.com/6.1/SRPMS/bind-8.2.2_P3-1.src.rpm

Verification:

MD5 sum                           Package Name
- --------------------------------------------------------------------------
f0c2e341fe81310d3031be7e0d67225f  i386/bind-8.2.2_P3-1.i386.rpm
4f34e526ec52c94b9cd3411892f920df  i386/bind-devel-8.2.2_P3-1.i386.rpm
5cb10493b44f9fe2a9c6667ebe0a0a8f  i386/bind-utils-8.2.2_P3-1.i386.rpm
987d55828aab270e14777a034d029cea  SRPMS/bind-8.2.2_P3-1.src.rpm
- --------------------------------------------------------------------------

These packages are GPG signed by Red Hat, Inc. for security.
Their key is available at: http://www.redhat.com/corp/contact.html

You can verify each package with the following command:
    rpm --checksig  <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    rpm --checksig --nogpg <filename>

This security advisory, and all future ones should be signed by me,
David Webster (aka cognition), with key ID: 45 FA C2 83

Which is avaliable from: http://www.cognite.net/pgp.html,
			 and most good pgp key servers.

An archive of these messages can be currently be found on:
http://www.cognite.net/indy/

A process of automatic retrival is being worked on.

[Note: these problems were discovered, and fixed by RedHat.]

	.---------------------------------------------------.
	| And problems regarding this, or future advisories |
	| should be emailed to me: <cognition@bigfoot.com>  |
	`---------------------------------------------------'
-----BEGIN PGP SIGNATURE-----
Comment: David Webster (aka cogNiTioN) <http://www.cognite.net/>

iD8DBQE4OXwLDdLNO0X6woMRAlaLAJ4opLkwMDgVkEZfYRztSR40ldoOeQCgtFzI
CJ+PfHBeyjA3JXjO5fp8aBY=
=T4zC
-----END PGP SIGNATURE-----

Prev by Date: PISA-18-NOV-99-000
Next by Date: PISA-18-NOV-99-002
Prev by thread: PISA-18-NOV-99-000
Next by thread: PISA-18-NOV-99-002
Index(es):
- Date
- Thread