[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bind 8.2.2-P7 dies

To: ports_(_at_)_openbsd_(_dot_)_org, kai_(_dot_)_gallasch_(_at_)_ruhr-uni-bochum_(_dot_)_de
Subject: Re: Bind 8.2.2-P7 dies
From: Rickie Kerndt <kerndtr_(_at_)_kerndt_(_dot_)_com>
Date: Mon, 26 Feb 2001 09:13:47 -0800

 Has anyone experienced bind 8.2.2-P7 built from ports in
 Release 2.8 to crash when receiving queries of type TXT/CHAOS ?


Ye gads, man. 8.2.2-P<anything> has ugly root exploits out for it.

Feb 25 20:44:56 ns2 named[18020]: XX /64.45.60.53/version.bind/TXT/CHAOS


What you're probably seing is a query for the bind version.  Then, because
you're running 8.2.2 and advertising "hack me", you're probably getting hit
with buffer overflow code that's crashing your name server.

Using binds access control features would help. I see bind version queries on a regular basis but these are refused by my access controls. No one has crashed named yet.I've set to allow recursive queries only from the local network and then allow queries from outside only for authoritive zones I wish to make public.

--


-Rickie Kerndt
 Santa Clara, CA
 kerndtr_(_at_)_kerndt_(_dot_)_com

References:
- 2.8: Bind 8.2.2-P7 dies
  - From: Kai Gallasch

Prev by Date: Re: RFC: devel/freetds
Next by Date: archivers/rar patch
Previous by thread: 2.8: Bind 8.2.2-P7 dies
Next by thread: RFC: devel/freetds
Index(es):
- Date
- Thread

Visit your host, monkey.org