Security 10817 Published by

MandrakeSoft has release a BIND update for Mandrake Linux 7.2 and Single Network Firewall 7.2



Several vulnerabilities were discovered in the BIND8 DNS server by ISS (Internet Security Services), including a remotely exploitable buffer overflow. The first vulnerability is how named handles SIG records; this buffer overflow can be exploited to obtain access to the victim host with the privilege of the user the named process is running as. By default, Mandrake Linux is configured to run the named process as the named user. To successfully exploit this vulnerability, the attacker must control an existing DNS domain and must be allowed to perform a recursive query.

A possible work-around is to restrict recursive requests, however MandrakeSoft encourages all users to upgrade to the provided BIND9 packages. You can also completely disable recursion by adding "recursion no;" to the options section of /etc/named.conf.

Several Denial of Service problems also exist in BIND8 that allow attackers to terminate the named process. At least one of these vulnerabilities seems to be exploitable even when the attacker is not permitted to perform recursive queries, so the work-around noted above is not effective against this DoS.

Both problems are not reported to effect BIND9. As Linux-Mandrake 7.2 and Single Network Firewall 7.2 are the only supported distributions to still ship BIND8, we have elected to upgrade to both a patched version of BIND8 and BIND9. The BIND8 packages contain the patch ISC made available late on the 13th, contrary to their original advisory which called for them to be made available next week. Despite this, however, MandrakeSoft encourages everyone who is able to upgrade to BIND9 rather than BIND8.
Read more