BIND Dynamic Update DoS « Don't fear the penguin

Don't fear the penguin

Ιουλίου 29, 2009

BIND Dynamic Update DoS

Κατηγορίες: DNS — Tags:DNS — Sotiris Tsimbonis @ 11:20 πμ

Summary: BIND denial of service (server crash) caused by receipt of a specific remote dynamic update message
Versions affected: BIND 9, all versions
This vulnerability affects all BIND servers which serve at least one DNS zone authoritatively, as a
master, even if dynamic updates are not enabled.
Exploitable: remotely (An active remote exploit is in wide circulation at this time. Please upgrade immediately!

ISC Announcement: https://www.isc.org/node/474

Γράψτε ένα σχόλιο

No Comments Yet »

Κανένα σχόλιο ακόμα.

Κανάλι RSS για τα σχόλια του άρθρου. TrackBack URI

Γράψτε ένα σχόλιο

Αναζήτηση για:
Σελίδες
Category Cloud

DNS email favorite tools flashback howto IRC network personal photos security System Administration Uncategorized
me on twitter
- How to create pointless error reports (and how not to) http://utcc.utoronto.ca/~cks/space/blog/sysadmin/GoodErrorReports 6 hours ago
- RT: @sans_isc: [Diary] Spamassassin Milter (spamass-milter) Remote Root Attack, (Mon, Mar 15th) http://bit.ly/9Z9yCT 15 hours ago
- OpenSSH 5.4 released http://lwn.net/Articles/377703/rss 1 day ago

Blogroll
- acrotaxi
- adamo
- angelos' quotes & proverbs
- dds
- E-lawyer
- fanf
- GRNet Blog
- GSimos
- Hermes
- HSOC
- Into.The.Void
- keramida
- ksymeon
- modal echoes
- mpeimpiii
- mperi
- nibble
- riqudi
- safeworld
- Tassos
- v13
Links
Αρχείο
RSS

Subscribe to this blog's feed
Stuff I’ve been recently reading
- How to create pointless error reports (and how not to) Μαρτίου 15, 2010
  How to create pointless error reports (and how not to) Linux's little love notes about software RAID consistency errors makes a perfect example of something that system administrators run into all the time: pointless error reports. It's worth noting that a pointless error report is something different from a useless error report. A useless error re […]
  cks
- The dividing line between supporting code and forking it Μαρτίου 14, 2010
  Shared by stsimb ideally you merge changes upstream as fast as possible; the faster you merge, the less work each of your changes is for you The dividing line between supporting code and forking it Suppose that you want to provide support for a bunch of open source code but are not the primary author or maintainer. Inevitably you will have to patch bugs and […]
  (author unknown)
- An 'email marketing' wish Μαρτίου 14, 2010
  Shared by stsimb +1 for rejecting at smtp level.. An 'email marketing' wish One of my spam peculiarities is that I really dislike spam being delivered to me even if it's been tagged as spam and gets immediately filed away into the far depths of the filesystem, never to be seen again. Back when I was more actively involved in anti-spam stuff, I […]
  (author unknown)
- Time management is like juggling 5 balls Μαρτίου 14, 2010
  Shared by stsimb WORK EFFICIENTLY DURING OFFICE HOURS AND LEAVE ON TIME. GIVE THE REQUIRED TIME TO YOUR FAMILY, FRIENDS & HAVE PROPER REST. Very Short But Amazing Speech by Coca Cola CEO Bryan Dyson
  (author unknown)
- Cisco "Go" links reference in the wiki Μαρτίου 6, 2010
  One of my (very) slow-paced background projects has been building a list of all the handy Cisco.com "go" links I come across. "Go" links are easily remembered shortcut links to various content throughout Cisco.com. For example, http://cisco.com/go/fn redirects to Cisco's feature navigator tool at http://tools.cisco.com/ITDIT/CFN/jsp/ […]
  Jeremy Stretch
- Paul Vixie on DNSSEC vs. DNSCurve Μαρτίου 12, 2010
  When I wrote my recent blog posting on DNSSEC vs. DNSCurve, I wasn't aware that Paul Vixie had already written his own blog entry on the same subject. It also explains ISC's stance on DNSCurve. Recommended reading.
  Cricket Liu (Infoblox)
- Google's RE2 regular expression library Μαρτίου 14, 2010
  Shared by stsimb a new regular expression engine, called RE2, which is based on automata theory and guarantees that searches complete in linear time with respect to the size of the input and in a fixed amount of stack space. Google has announced the release of its RE2 library under a BSDish license. "At Google, we use regular expressions as part of the […]
  (author unknown)
- Are Portable Email Addresses Possible? Μαρτίου 14, 2010
  Shared by stsimb An answer to EETT's portable email addresses mandate in Greece (http://www.eett.gr/opencms/opencms/admin/News/news_0068.html) News reports say that the Israeli government is close to passing a law that requires portable e-mail addresses, similar to portable phone numbers. Number portability has been a success, making it much easier to s […]
  (author unknown)
- How much do botnets re-use their IPs? Μαρτίου 14, 2010
  Shared by stsimb 1. Spammers do not recycle their IPs amongst the same botnets at regular intervals, at least if the interval is less than one month. They get new ones each day. 2. Spammers do not share IPs amongst each other, at least if the interval is less than one month. 3. It is depressing how many new sources of IPs they are able to get, per day. One o […]
  (author unknown)
- for a better life Μαρτίου 6, 2010
  Κάποια πράγματα στην ζωή σίγουρα βασίζονται στην τύχη. Έτυχε λοιπόν να δω πριν χρόνια το American History X. Έτυχε να την ξαναδώ πριν κάποιες εβδομάδες στην τηλεόραση και να ξανα-ταρακουνηθώ από έναν διάλογο στην ταινία (η παράθεση δανεισμένη από την imdb: Bob Sweeney: There was a moment… when I used to blame everything and everyone… for all the pain and suf […]
  HSOC
SANS Internet Storm Center
- Infocon: green
  Spamassassin Milter Plugin Remote Root Attack
- Spamassassin Milter Plugin Remote Root Attack, (Mon, Mar 15th) Μαρτίου 15, 2010
  Observant reader Roy caught an interesting exploit attempt against his SMTP server. His review of th ...(more)...
- DST Issue in Windows 7 Ultimate?, (Sun, Mar 14th) Μαρτίου 14, 2010
  One of our readers reported that his copy of Windows 7 Ultimate failed to update itself overnight wi ...(more)...
- Evil Sports Sites, (Sat, Mar 13th) Μαρτίου 14, 2010
  One of our regular readers submitted a Google query to us that points to yet another temptation that ...(more)...
- Reminder: Daylight Saving Time starts tonight in several countries. See http://www.timeanddate.com/time/dst2010.html for more details., (Sun, Mar 14th) Μαρτίου 14, 2010
  ...(more)...
- Firebug 1.5.3 is out. See http://blog.getfirebug.com/2010/03/12/firebug-1-5-3/ , (Sat, Mar 13th) Μαρτίου 13, 2010
  ...(more)...
- A new version of Safari is out. Looks like for Mac and Windows. Plenty of security fixes (mostly for Windows Safari users http://support.apple.com/kb/HT4070 ), (Thu, Mar 11th) Μαρτίου 13, 2010
  ...(more)...
- Firefox 3.6 is being pushed out to users. http://www.mozilla.com/en-US/firefox/3.6/releasenotes/, (Fri, Mar 12th) Μαρτίου 12, 2010
  ...(more)...
- Interesting SKYPE SPIM., (Thu, Mar 11th) Μαρτίου 11, 2010
  Earlier this week Jared sent us an interesting SKYPE spim. Isuspect this was sent using the Sk ...(more)...
deb admin
- Running IPv6 in practice Φεβρουαρίου 3, 2010
- Securely erasing files, by filling your disk Ιανουαρίου 2, 2010
- Creating Bind DNS-Entries with regular dyndns-clients in routers Δεκεμβρίου 31, 2009
- Service Failover with heartbeat? Δεκεμβρίου 31, 2009
- Connect to Informix using PHP5 on Lenny x86_64 Νοεμβρίου 24, 2009
- Handling network mounts on a very mobile laptop? Νοεμβρίου 5, 2009
- Speeding up dynamic websites via an nginx proxy Οκτωβρίου 25, 2009
- Offline Package Management for APT Οκτωβρίου 24, 2009
- Providing a website search facility with the namazu indexer Σεπτεμβρίου 21, 2009
- Raising the uid and gid limits? Σεπτεμβρίου 16, 2009
Linux Weekly News
- Amarok 2.3.0 is out
  Version 2.3.0 of the Amarok music player has been released. "Areas such as podcast support and saved playlists have seen huge improvements, as has the support for USB mass storage devices (including generic MP3 players). With large parts of Amarok 2 becoming quite mature, it was also time to start looking forward again. Therefore, this release also cont […]
  corbet
- QA with Matt Asay: How Linux is Beating Apple and Much More (Linux.com)
  Jennifer Cloer talks with Matt Asay, COO of Canonical. "Asay: We have the chance to turn the technology world upside down. At Canonical we have Google or Apple-sized ambition, because we have community that dwarfs both of them put together. Our task is to work with the community to fulfill that opportunity. I believe we can. That's what I signed up […]
  ris
- Paul Frields on Fedora 12 and Beyond (Linux For You)
  Linux For You has an interview with Fedora Project Leader Paul Frields. "Two months after the launch of Fedora 12, we spoke to Paul Frields, Fedora Project Leader at Red Hat, about how this release has been received by the community, and what is in store for the next. Though it started as a technical discussion on what Fedora 12 offers IT admins and dev […]
  ris
- Security advisories for Monday
  CentOS has updated C5: cups (denial of service). Debian has updated drupal6 (multiple vulnerabilities). Fedora has updated F11: curl (arbitrary code execution), F11: squid (denial of service), and F11: cups (denial of service). SUSE has updated acroread, evolution-data-server, finch/pidgin/libpurple, flash-player, gmime-2_4, libnetpbm, libtool, rmail/sendmai […]
  ris
- Stable kernels 2.6.32.10 and 2.6.33.1
  The 2.6.32.10 and 2.6.33.1 stable kernel updates are out. They are both massive, with 145 and 123 patches, respectively.
  corbet
- Shuttleworth: 2 year cadence for major releases: some progress
  Mark Shuttleworth claims some progress toward his goal of having distributions synchronize their major releases and calls for more distributors to join in. "I think this is a big win for the free software community. Many upstreams have said 'we'd really like to help deliver a great stable release, but which distro should we arrange that around […]
  corbet
- LinuxCon Japan Call for Participation
  LinuxCon Japan, formerly known as the Japan Linux Symposium, has announced its call for participation (CFP). This Linux Foundation sponsored conference will be held in Tokyo September 27-29. The CFP lists a number of topic areas that are of particular interest including desktop Linux, embedded and mobile Linux, Linux adoption, and so on; it closes on May 14. […]
  jake
- Linux Foundation Collaboration Summit keynotes announced
  The Linux Foundation has announced the program for the Collaboration Summit to be held April 14-16 in San Francisco. This is an invitation-only event, though invitations can still be requested. Highlights include a full-day session on Meego, the Linux kernel roundtable, keynotes by Josh Berkus, Dr. Daniel Frye, Jim Zemlin, and others, a cloud computing round […]
  jake
- PyPy 1.2 released
  Version 1.2 of PyPy - an alternative implementation of the Python interpreter - has been released. "This version 1.2 is a major milestone and it is the first release to ship a Just-in-Time compiler that is known to be faster than CPython (and unladen swallow) on some real-world applications (or the best benchmarks we could get for them). The main theme […]
  corbet
- Security updates for Friday
  Debian has updated Egroupware (multiple vulnerabilities) and MoinMoin (multiple vulnerabilities). Fedora has updated nss (F12: TLS man-in-the-middle plaintext injection) and cups (fix for earlier denial of service fix). Mandriva has updated ncpfs (multiple vulnerabilities). Ubuntu has updated MoinMoin (multiple vulnerabilities).
  jake

	Forthnet DNS Servers… on Forthnet DNS Servers
	Forthnet Mail Server… on Forthnet Mail Servers
	Sotiris Tsimbonis on bye bye mbox, hello Maild…
	HSOC on bye bye mbox, hello Maild…
	kargig on bye bye mbox, hello Maild…
	adamo on bye bye mbox, hello Maild…
	GeoDNS with BIND … on geo dns server
	olspookishmagus on Το φλουρί στη Βασιλόπιτα
	adamo on Real Life Happened
	Dimitrios Stergiou on Real Life Happened

Don't fear the penguin

Ιουλίου 29, 2009

BIND Dynamic Update DoS

No Comments Yet »

Γράψτε ένα σχόλιο

Σελίδες

Category Cloud

me on twitter

Πρόσφατα σχόλια

Blogroll

Links

Αρχείο

RSS

Stuff I’ve been recently reading

SANS Internet Storm Center

deb admin

Linux Weekly News