Go
     

    Offered Products:
Aventurin{e}
BlueQuartz Servers
BlueQuartz Software
Zenoss Monitoring
Barebones
Cobalt Software
Software upgrades & reinstalls


    Help
Recover password
Contact us
Privacy statement
Terms & Conditions
Webhosting Usage Policy
Submit Login Details
Support Tickets


Updated: Multiple vulnerabilities in Bind DNS server
12.11.2002
ISS X-Force has discovered several serious vulnerabilities in the Berkeley Internet Name Domain Server (BIND). BIND is the most common implementation of the DNS (Domain Name Service) protocol, which is used on the vast majority of DNS servers on the Internet. DNS is a vital Internet protocol that maintains a database of easy-to-remember domain names (host names) and their corresponding numerical IP addresses.

The vulnerabilities described in this advisory affect nearly all currently deployed recursive DNS servers on the Internet. The DNS network is considered a critical component of Internet infrastructure. There is no information implying that these exploits are known to the computer underground, and there are no reports of active attacks. If exploits for these vulnerabilities are developed and made public, they may lead to compromise and DoS attacks against vulnerable DNS servers. Since the vulnerability is widespread, an Internet worm may be developed to propagate by exploiting the flaws in BIND. Widespread attacks against the DNS system may lead to general instability and inaccuracy of DNS data.


See ISS's full advisory for all details.

Impact for Sun Cobalt owners:

All Sun Cobalt products (except for the RaQ550) with activated DNS server are affected. This also includes RaQ3's and RaQ4's with Solarspeed.net's free BIND-8.3.3 PKG file.

BIND installations should be upgraded to BIND version 4.9.11, 8.2.7, 8.3.4 or to BIND version 9. BIND 9 was not affected by any of the vulnerabilities described in this advisory.

However, although the recommendation is to upgrade to a fixed version of BIND. As soon as it is released Solarspeed.net will roll up a free PKG file for the RaQ3 and RaQ4.

Update:

By now patches for Bind are available.

We also rolled up a PKG file for the RaQ3 and RaQ4.

There is also an interesting discussion on Bugtraq regarding the unethical behaviour of ISS X-Force in this affair. They knew about the hole for quite some time, but notified nobody. Instead they fixed all the affected appliances and software they offer and only released the information as someone else was apparently about to spring the news. This left all other vendors without fix - or even the awareness that there was a problem.

That's not exactly what one would call responsible disclosure.

<< back