Bug 158882
| Summary: | CVE-2011-2464 - ISC BIND 9 Remote packet Denial of Service against Authoritative and Recursive Servers | ||
|---|---|---|---|
| Product: | Base System | Reporter: | Marcelo Gondim <gondim> |
| Component: | misc | Assignee: | Doug Barton <dougb> |
| Status: | Closed FIXED | ||
| Severity: | Affects Only Me | ||
| Priority: | Normal | ||
| Version: | Unspecified | ||
| Hardware: | Any | ||
| OS: | Any | ||
Responsible Changed From-To: freebsd-bugs->dougb Over to bind maintainer. State Changed From-To: open->closed The updates for the base were committed the same day they were released by ISC. If you need help updating your systems feel free to post to freebsd-questions@FreeBSD.org. |
I received the following information: ########################################################################## ISC BIND 9 Remote packet Denial of Service against Authoritative and Recursive Servers A specially constructed packet will cause BIND 9 ("named") to exit, affecting DNS service. CVE: CVE-2011-2464 Document Version: 2.0 Posting date: 05 Jul 2011 Program Impacted: BIND Versions affected: 9.6.3, 9.6-ESV-R4, 9.6-ESV-R4-P1, 9.6-ESV-R5b1 9.7.0, 9.7.0-P1, 9.7.0-P2, 9.7.1, 9.7.1-P1, 9.7.1-P2, 9.7.2, 9.7.2-P1, 9.7.2-P2, 9.7.2-P3, 9.7.3, 9.7.3-P1, 9.7.3-P2, 9.7.4b1 9.8.0, 9.8.0-P1, 9.8.0-P2, 9.8.0-P3, 9.8.1b1 Severity: High Exploitable: Remotely Description: A defect in the affected BIND 9 versions allows an attacker to remotely cause the "named" process to exit using a specially crafted packet. This defect affects both recursive and authoritative servers. The code location of the defect makes it impossible to protect BIND using ACLs configured within named.conf or by disabling any features at compile-time or run-time. A remote attacker would need to be able to send a specially crafted packet directly to a server running a vulnerable version of BIND. There is also the potential for an indirect attack via malware that is inadvertently installed and run, where infected machines have direct access to an organization's nameservers. CVSS Score: 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C) For more information on the Common Vulnerability Scoring System and to obtain your specific environmental score please visit: http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2 Workarounds: There are no known workarounds for publicly available servers. Administrators of servers that are not publicly available may be able to limit exposure via firewalls and packet filters. Active exploits: ISC knows of no public tools to exploit this defect at the time of this advisory. Solution: Upgrade to: 9.6-ESV-R4-P3, 9.7.3-P3 or 9.8.0-P4. ######################################################################## The bind9 version of FreeBSD 8.2-STABLE is: root@zeus)[~]# named -v BIND 9.6.-ESV-R4-P1 We are vulnerable? Because our version is included in the listing. Fix: Upgrade to: 9.6-ESV-R4-P3, 9.7.3-P3 or 9.8.0-P4.