BSDnewsletter.com

   Front | Info | Lists | Newsfeeds | Study Guide | What is BSD? RSS  

Potential buffer overflow in DNS resolvers

By Jeremy C. Reed

A remote buffer overflow in some BIND-based DNS resolvers has been found. This code is found in the BSD libc. It was reported by Joost Pol.

Possibly arbitary code could be executed running with the permissions of an application using the resolver (such as gethostbyname). This issue could possibly be exploited by an outgoing DNS query made to a hostile server that provides a carefully-crafted message.

It is reported that a workaround is to block all direct DNS queries and responses using a firewall and have the client systems use a good nameserver for recursive resolution, such as BIND 9.2.1 or DJB's dnscache.

A patch for FreeBSD 4.5 and 4.6 is available at ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:28/resolv.patch.

A patch for OpenBSD 3.1 is at ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.1/common/007_resolver.patch.

And for NetBSD, the netbsd-1-4, netbsd-1-5, and netbsd-1-6 branches have been updated. (For more information, see NetBSD Security Advisory 2002-006.)

Because the issue is in libc, statically-linked executables should be rebuilt.

More information can be found in Pine Internet Security Advisory PINE-CERT-20020601 and CERT/CC Vulnerability Note VU#803539.

Discussion

Discuss this article below.


Name:

Email:

Subject:

Message:

Stop Spam Abuse: What operating system's CVS history begins in March 1993?


BSD Links

· Advocacy
· Drivers
· Events
· Flavours
· FAQs
· Guides
· Programming
· Security
· Software
· User Groups

September 16, 2013 11:24:30

Front | Information | Lists | Newsfeeds | Study Guide