Date: 28 November 2003
References: ESB-2003.0821 ESB-2003.0823 ESB-2003.0824 ESB-2003.0825 ESB-2003.0850 ESB-2003.0870
-----BEGIN PGP SIGNED MESSAGE-----
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2003.0819 -- ISC Announcement - BIND 8.4.3 maintenance release
Security Fix: Negative Cache Poison Fix
28 November 2003
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: BIND 8.4
Publisher: ISC
Impact: Denial of Service
Access Required: Remote
CVE Names: CAN-2003-0914
- --------------------------BEGIN INCLUDED TEXT--------------------
BIND 8.4.3 Release (8.4.3-REL)
BIND 8.4.3 is a maintenance release of BIND 8.4. It includes the BIND 8.4.2
release which includes a security fix (also released as BIND 8.3.7).
Highlights.
Maintenance Release.
Highlights (8.4.2)
Security Fix: Negative Cache Poison Fix.
the distribution files are:
ftp://ftp.isc.org/isc/bind/src/8.4.3/bind-src.tar.gz
ftp://ftp.isc.org/isc/bind/src/8.4.3/bind-doc.tar.gz
ftp://ftp.isc.org/isc/bind/src/8.4.3/bind-contrib.tar.gz
the pgp signature files are:
ftp://ftp.isc.org/isc/bind/src/8.4.3/bind-src.tar.gz.asc
ftp://ftp.isc.org/isc/bind/src/8.4.3/bind-doc.tar.gz.asc
ftp://ftp.isc.org/isc/bind/src/8.4.3/bind-contrib.tar.gz.asc
the md5 checksums are:
MD5 (bind-contrib.tar.gz) = 454f8e3caf1610941a656fcc17e1ecec
MD5 (bind-contrib.tar.gz.asc) = f8f0a5b8985a8180e5bd02207f319980
MD5 (bind-doc.tar.gz) = fcfdaaa2fc7d6485b0e3d08299948bd3
MD5 (bind-doc.tar.gz.asc) = fc0671468c2e3a1e5ff817b69da21a6b
MD5 (bind-src.tar.gz) = e78610fc1663cfe8c2db6a2d132d902b
MD5 (bind-src.tar.gz.asc) = 40453b40819fd940ad4bfabd26425619
Windows NT / Windows 2000 binary distribution.
ftp://ftp.isc.org/isc/bind/contrib/ntbind-8.4.3/readme1st.txt
ftp://ftp.isc.org/isc/bind/contrib/ntbind-8.4.3/BIND8.4.3.zip
ftp://ftp.isc.org/isc/bind/contrib/ntbind-8.4.3/BIND8.4.3.zip.asc
ftp://ftp.isc.org/isc/bind/contrib/ntbind-8.4.3/readme1sttools.txt
ftp://ftp.isc.org/isc/bind/contrib/ntbind-8.4.3/BIND8.4.3Tools.zip
ftp://ftp.isc.org/isc/bind/contrib/ntbind-8.4.3/BIND8.4.3Tools.zip.asc
the md5 checksums are:
MD5 (readme1st.txt) = ac4ce260f151dc1ab393c145f4288bba
MD5 (BIND8.4.3.zip) = 7c3e333f90edbe3820952a62ff6ffdf3
MD5 (BIND8.4.3.zip.asc) = f2190cc390ce584c0cc624835bdcc8eb
MD5 (readme1sttools.txt) = eef4c5782be1a1faac3ca0c756eaef05
MD5 (BIND8.4.3Tools.zip) = 8cb29c092394dfa430ef9ea47b6a02ea
MD5 (BIND8.4.3Tools.zip.asc) = a77b2adb1f23db780f45efee32a92882
top of CHANGES says:
--- 8.4.3 released --- (Mon Nov 24 17:27:52 PST 2003)
1617. [cleanup] don't pre-fetch missing additional address records if
we have one of A/AAAA.
1616. [func] turn on "preferred-glue A;" (if not specified in
named.conf) if the answer space is a standard UDP
message size or smaller.
1615. [func] when query logging log whether TSIG (T) and/or EDNS (E)
was used to make the query.
1614. [cleanup] on dual (IPv4+IPv6) stack servers delay the lookup of
missing glue if we have glue for one family.
1613. [cleanup] notify: don't lookup A/AAAA records for nameservers
if we don't support the address at the transport level.
1612. [func] named now takes arguments -4 and -6 to limit the
IP transport used for making queries.
1611. [debug] better packet tracing in debug output (+ some lint).
1610. [bug] don't explicitly declare errno use <errno.h>.
1609. [bug] drop_port() was being called with ports in network
order rather than host order.
1608. [port] sun: force alignment of answer in dig.c.
1607. [bug] do not attempt to prime cache when recursion and
fetch-glue are disabled.
1606. [bug] sysquery duplicate detection was broken when
using forwarders.
1605. [port] sun: force alignment of newmsg in ns_resp.c.
1604. [bug] heap_delete() sometimes violated the heap invariant,
causing timer events not to be posted when due.
1603. [port] ds_remove_gen() mishandled removal of IPv6 interfaces.
1602. [port] linux: work around a non-standard __P macro.
1601. [bug] dig could report the wrong server address on transfers.
1600. [bug] debug_freestr() prototype mismatch.
1599. [bug] res_nsearch() save statp->res_h_errno instead of
h_errno.
1598. [bug] dprint_ip_match_list() fails to print the mask
correctly.
1597. [bug] use the actual presentation length of the IP address
to determine if sprintf() is safe in write_tsig_info().
--- 8.4.2 released --- (Thu Sep 4 06:58:22 PDT 2003)
1596. [port] winnt: set USELOOPBACK in port_after.h
1595. [bug] dig: strcat used instead of strcpy.
1594. [bug] if only a single nameserver was listed in resolv.conf
IPv6 default server was also being used.
1593. [port] irix: update port/irix/irix_patch.
1592. [port] irix: provide a sysctl() based getifaddrs()
implementation.
1591. [port] irix: sa_len is a macro.
1590. [port] irix: doesn't have msg_control (NO_MSG_CONTROL)
1589. [port] linux: uninitialised variable.
1588. [port] solaris: provide ALIGN.
1587. [port] NGR_R_END_RESULT was not correct for some ports.
1586. [port] winnt: revert to old socket behaviour for UDP
sockets (Windows 2000 SP2 and later).
1585. [port] solaris: named-xfer needs <fcntl.h>.
1584. [port] bsdos: explicitly include <netinet6/in6.h> for
4.0 and 4.1.
1583. [bug] add -X to named-xfer usage message.
1582. [bug] ns_ownercontext() failed to set the correct owner
context for AAAA records. ns_ptrcontext() failed
to return the correct context for IP6.ARPA.
1581. [bug] apply anti-cache poison techniques to negative
answers.
1580. [bug] inet_net_pton() didn't fully handle implicit
multicast IPv4 network addresses.
1579. [bug] ifa_addr can be NULL.
1578. [bug] named-xfer: wrong argument passed to getnameinfo().
1577. [func] return referrals for glue (NS/A/AAAA) if recursion
is not desired (hp->rd = 0).
1576. [bug] res_nsendsigned() incorrectly printed the truncated
UDP response when RES_IGNTC was not set.
1575. [bug] tcp_send() passed the wrong length to evConnect().
1574. [bug] res_nsendsigned() failed to handle truncation
cleanly.
1573. [bug] tsig_size was not being copied by ns_forw().
1572. [port] bsdos: missing #include <ifaddrs.h>.
1571. [bug] AA was sometimes incorrectly set.
1570. [port] decunix: change #1544 broke OSF1 3.2C.
1569. [bug] remove extraneous closes.
1568. [cleanup] reduce the memory footprint for large numbers of
zones.
1567. [port] winnt: install MSVC70.DLL and MFC70.DLL.
1566. [bug] named failed to locate keys declared in masters
clause.
1565. [bug] named-xfer was failing to use TSIG.
1564. [port] linux: allow static linkage to work.
1563. [bug] ndc getargs_closure failed to NUL terminate strings.
1562. [bug] handle non-responsive servers better.
1561. [bug] rtt estimates were not being updated for IPv6
addresses.
1560. [port] linux: add runtime support to handle old kernels
that don't know about msg_control.
1559. [port] named, named-xfer: ensure that stdin, stdout and
stderr are open.
--- 8.4.1-P1 released --- (Sun Jun 15 17:35:10 PDT 2003)
1558. [port] sunos4 doesn't have msg_control (NO_MSG_CONTROL).
1557. [port] linux: socket returns EINVAL for unsupported family.
1556. [bug] reference through NULL pointer.
1555. [bug] sortlist wasn't being applied to AAAA queries.
1554. [bug] IPv4 access list elements of the form number/number
(e.g. 127/8) were not correctly defined.
1553. [bug] getifaddrs*() failed to set ifa_dstaddr for point
to point links (overwrote ifa_addr).
1552. [bug] buffer overruns in getifaddrs*() if the server has
point to point links.
1551. [port] freebsd: USE_IFNAMELINKIDS should be conditionally
defined.
1550. [port] TruCluster support didn't build.
1549. [port] Solaris 9 has /dev/random.
--- 8.4.1-REL released --- (Sun Jun 8 15:11:32 PDT 2003)
1548. [port] winnt: make recv visible from libbind.
1547. [port] cope with spurious EINVAL from evRead.
1546. [cleanup] dig now reports version 8.4.
1545. [bug] getifaddrs_sun6 was broken.
1544. [port] hpux 10.20 has a broken recvfrom(). Revert to recv()
in named-xfer and work around deprecated recv() in
OSF.
1543. [bug] named failed to send notifies to servers that live
in zones it was authoritative for.
1542. [bug] set IPV6_USE_MIN_MTU on IPv6 sockets if the kernel
supports it.
1541. [bug] getifaddrs_sun6() should be a no-op on early SunOS
releases.
--- 8.4.0-REL released --- (Sun Jun 1 17:49:31 PDT 2003)
- --------------------------END INCLUDED TEXT--------------------
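Added example, not part of the ISC announcement or the AusCERT bulletin: a checker for downloaded files against checksum lines in the "MD5 (name) = digest" format used in the lists above. The function names are illustrative, and the sample file names and contents in demo() are constructed.

```python
import hashlib
import hmac
import re
import tempfile
from pathlib import Path

# BSD md5(1) tagged output as used in the announcement: MD5 (name) = <32 hex>
TAGGED = re.compile(r"MD5 \(([^)/\\]+)\) = ([0-9a-fA-F]{32})")

def parse_manifest(text):
    """Return {filename: lowercase digest}; raise on any malformed line."""
    expected = {}
    for line in filter(None, map(str.strip, text.splitlines())):
        m = TAGGED.fullmatch(line)
        if m is None:  # also rejects names containing a path separator
            raise ValueError(f"not a tagged MD5 line: {line!r}")
        expected[m[1]] = m[2].lower()
    return expected

def md5_file(path, chunk=1 << 16):
    """Hash in chunks so large archives are not read into memory at once."""
    h = hashlib.md5()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def verify(directory, manifest_text):
    """Return {filename: 'ok' | 'mismatch' | 'missing'} per manifest entry."""
    results = {}
    for name, digest in parse_manifest(manifest_text).items():
        path = Path(directory) / name
        if not path.is_file():
            results[name] = "missing"
        else:
            same = hmac.compare_digest(md5_file(path), digest)
            results[name] = "ok" if same else "mismatch"
    return results

def demo():
    """Constructed sample: names and contents are made up, not ISC's files."""
    with tempfile.TemporaryDirectory() as d:
        Path(d, "sample-src.tar.gz").write_bytes(b"constructed archive")
        Path(d, "sample-doc.tar.gz").write_bytes(b"altered in transit")
        lines = [
            f"MD5 (sample-src.tar.gz) = {hashlib.md5(b'constructed archive').hexdigest()}",
            f"MD5 (sample-doc.tar.gz) = {hashlib.md5(b'as published').hexdigest()}",
            f"MD5 (sample-contrib.tar.gz) = {'0' * 32}",
        ]
        return verify(d, "\n".join(lines))
```

A matching MD5 only shows that a download agrees with the published list; authenticity comes from checking the .asc signature files against the publisher's PGP key.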
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business
hours which are GMT+10:00 (AEST). On call after hours
for member emergencies only.
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBP8aVXih9+71yA2DNAQHkLwP/WMWqISEfK1JG1pJzPY5fxKz2wyHBX9Lj
JMBEkfiD95kirozWTxuRF0msylS/WsVlhm+VDk9KgTOh/BU3Y63e3hbDG+QTiyAQ
LCVJrCl+fg3ezT9leaXA1/nRZ2WNeKG1dhxE+O4PLSLG62/0q3TWBdlY1NOjDTvo
NI5MMuLV4Oo=
=yXUp
-----END PGP SIGNATURE-----