.------------------------------------------------. |**** Project Independence Security Advisory ****| `-----------* ID: PISA-18-NOV-99-001 *-----------' Issued by: David Webster Issue Date: 18-NOV-99 Overview: Security problems in bind Affected: Independence Release 6.0-0.8 (Redhat 6.0) References: RedHat Security Advisory; RHSA-1999:054-01 http://www.isc.org/products/BIND/bind-security-19991108.html -=-=-==-=-=- Detailed Problem Description: Various vulnerabilities exist in previous versions of bind: - A bug in the processing of NXT records can theoretically allow a remote attacker to gain access to the DNS server as the user running bind (by default, root). - Several remote denial-of-service attacks are possible; by using abnormal TCP options, causing the DNS server to use many file descriptors, or using special SIG records, it may be possible to crash the DNS server. It is recommended that all users of bind upgrade to the latest packages. Thanks go to ISC for providing the updated packages. Solution: Update the affected RPM packages by downloading and installing the RPMs listed below. For each RPM, run: root# rpm -Uvh where is the name of the RPM. [Note: You need only install EITHER the compiled RPMs, (*.i386.rpm) OR the source RPMs, (*.src.rpm), NOT both.] RPMs: http://independence.seul.org/security/1999/rpms/bind-8.2.2_P3-1.i386.rpm ftp://updates.redhat.com/6.1/i386/bind-8.2.2_P3-1.i386.rpm http://independence.seul.org/security/1999/rpms/bind-devel-8.2.2_P3-1.i386.rpm ftp://updates.redhat.com/6.1/i386/bind-devel-8.2.2_P3-1.i386.rpm http://independence.seul.org/security/1999/rpms/bind-utils-8.2.2_P3-1.i386.rpm ftp://updates.redhat.com/6.1/i386/bind-utils-8.2.2_P3-1.i386.rpm Source RPMs: http://independence.seul.org/security/1999/rpms/bind-8.2.2_P3-1.src.rpm ftp://updates.redhat.com/6.1/SRPMS/bind-8.2.2_P3-1.src.rpm Verification: MD5 sum Package Name -------------------------------------------------------------------------- f0c2e341fe81310d3031be7e0d67225f i386/bind-8.2.2_P3-1.i386.rpm 4f34e526ec52c94b9cd3411892f920df i386/bind-devel-8.2.2_P3-1.i386.rpm 5cb10493b44f9fe2a9c6667ebe0a0a8f i386/bind-utils-8.2.2_P3-1.i386.rpm 987d55828aab270e14777a034d029cea SRPMS/bind-8.2.2_P3-1.src.rpm -------------------------------------------------------------------------- These packages are GPG signed by Red Hat, Inc. for security. Their key is available at: http://www.redhat.com/corp/contact.html You can verify each package with the following command: rpm --checksig If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg This security advisory, and all future ones should be signed by me, David Webster (aka cognition), with key ID: 45 FA C2 83 Which is avaliable from: http://www.cognite.net/pgp.html, and most good pgp key servers. An archive of these messages can be currently be found on: http://www.cognite.net/indy/ A process of automatic retrival is being worked on. [Note: these problems were discovered, and fixed by RedHat.] .---------------------------------------------------. | And problems regarding this, or future advisories | | should be emailed to me: | `---------------------------------------------------'