[Dshield] Fw: ISS Security Advisory: Multiple Remote Vulnerabilities in BIND4 and BIND8

Johannes Ullrich jullrich at euclidian.com
Tue Nov 12 18:23:48 GMT 2002

   FYI ... 

Internet Security Systems Security Brief
November 12, 2002
Multiple Remote Vulnerabilities in BIND4 and BIND8

ISS X-Force has discovered several serious vulnerabilities in the
Berkeley Internet Name Domain Server (BIND). BIND is the most common
implementation of the DNS (Domain Name Service) protocol, which is used
on the vast majority of DNS servers on the Internet. DNS is a vital
Internet protocol that maintains a database of easy-to-remember domain
names (host names) and their corresponding numerical IP addresses.

The vulnerabilities described in this advisory affect nearly all
currently deployed recursive DNS servers on the Internet. The DNS
network is considered a critical component of Internet infrastructure.
There is no information implying that these exploits are known to the
computer underground, and there are no reports of active attacks. If
exploits for these vulnerabilities are developed and made public, they
may lead to compromise and DoS attacks against vulnerable DNS servers.
Since the vulnerability is widespread, an Internet worm may be developed
to propagate by exploiting the flaws in BIND. Widespread attacks against
the DNS system may lead to general instability and inaccuracy of DNS

Affected Versions:

BIND SIG Cached RR Overflow Vulnerability	

	BIND 8, versions up to and including 8.3.3-REL
	BIND 4, versions up to and including 4.9.10-REL


	BIND 8, versions 8.3.0 up to and including 8.3.3-REL

BIND SIG Expiry Time DoS

	BIND 8, versions up to and including 8.3.3-REL

For the complete ISS X-Force Security Advisory, please visit:


About Internet Security Systems (ISS) Founded in 1994, Internet Security
Systems (ISS) (Nasdaq: ISSX) is a pioneer and world leader in software
and services that protect critical online resources from an ever-
changing spectrum of threats and misuse. Internet Security Systems is
headquartered in Atlanta, GA, with additional operations throughout the
Americas, Asia, Australia, Europe and the Middle East.

Copyright (c) 2002 Internet Security Systems, Inc. All rights reserved

Permission is hereby granted for the electronic redistribution of this
document. It is not to be edited or altered in any way without the
express written consent of the Internet Security Systems X-Force. If you
wish to reprint the whole or any part of this document in any other
medium excluding electronic media, please email xforce at iss.net for

Disclaimer: The information within this paper may change without notice.
Use of this information constitutes acceptance for use in an AS IS
condition. There are NO warranties, implied or otherwise, with regard to
this information or its use. Any use of this information is at the
user's risk. In no event shall the author/distributor (Internet Security
Systems X-Force) be held liable for any damages whatsoever arising out
of or in connection with the use or spread of this information.

X-Force PGP Key available on MIT's PGP key server and PGP.com's key
server, as well as at http://www.iss.net/security_center/sensitive.php

Please send suggestions, updates, and comments to: X-Force
xforce at iss.net of Internet Security Systems, Inc.

Version: 2.6.2


jullrich at euclidian.com             Collaborative Intrusion Detection
                                         join http://www.dshield.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/list/attachments/20021112/cedd7d19/attachment.bin

More information about the list mailing list