[GTER] RES: Vulnerabilidade DoS no BIND
willian pires
willian_pires at hotmail.com
Sun Aug 9 01:13:56 -03 2015
Centos 6.5
[root at resolver02 ~]# uname -r 2.6.32-431.el6.x86_64
[root at resolver02 ~]# named -vBIND 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1
Sussa sem vulnerabilidade.
From: willian_pires at hotmail.com
To: gter at eng.registro.br
Subject: RE: [GTER] RES: Vulnerabilidade DoS no BIND
Date: Sun, 9 Aug 2015 00:09:20 -0400
Para minha tristeza
# named -v BIND 9.4.2-P2# uname -a OpenBSD s0s1-verg01.my.domain 5.4 GENERIC#31 sparc64
Tambem craschou !
09-Aug-2015 01:08:22.216 client 179.110.216.238#50244: UDP request09-Aug-2015 01:08:22.216 client 179.110.216.238#50244: using view '_bind'09-Aug-2015 01:08:22.216 client 179.110.216.238#50244: request is not signed09-Aug-2015 01:08:22.216 client 179.110.216.238#50244: recursion not available09-Aug-2015 01:08:22.216 client 179.110.216.238#50244: query09-Aug-2015 01:08:22.216 client 179.110.216.238#50244: query 'version.bind/TXT/CH' approved09-Aug-2015 01:08:22.217 client 179.110.216.238#50244: send09-Aug-2015 01:08:22.217 client 179.110.216.238#50244: sendto09-Aug-2015 01:08:22.217 client 179.110.216.238#50244: senddone09-Aug-2015 01:08:22.217 client 179.110.216.238#50244: next09-Aug-2015 01:08:22.217 client 179.110.216.238#50244: endrequest09-Aug-2015 01:08:22.217 client @0x43c3bf7000: udprecv09-Aug-2015 01:08:22.232 client 179.110.216.238#50244: UDP request09-Aug-2015 01:08:22.232 client 179.110.216.238#50244: using view '_default'09-Aug-2015 01:08:22.232 client 179.110.216.238#50244: request is not signed09-Aug-2015 01:08:22.232 client 179.110.216.238#50244: recursion not available09-Aug-2015 01:08:22.232 client 179.110.216.238#50244: query09-Aug-2015 01:08:22.232 /usr/src/usr.sbin/bind/lib/dns/message.c:2230: REQUIRE(*name == ((void *)0)) failed09-Aug-2015 01:08:22.232 exiting (due to assertion failure)
> From: leonardo.ortiz at marisolsa.com
> To: gter at eng.registro.br
> Date: Tue, 4 Aug 2015 15:52:03 +0000
> Subject: [GTER] RES: Vulnerabilidade DoS no BIND
>
> Testamos o Exploit aqui e foi "pimba", daemon do bind deu crash bonito. Após a atualização 9.10.2-P3 o problema foi resolvido.
>
>
>
> -----Mensagem original-----
> De: gter [mailto:gter-bounces at eng.registro.br] Em nome de Wilson Rogerio Lopes
> Enviada em: segunda-feira, 3 de agosto de 2015 14:55
> Para: Grupo de Trabalho de Engenharia e Operacao de Redes
> Assunto: Re: [GTER] Vulnerabilidade DoS no BIND
>
> Já tem exploit publicado
>
> https://github.com/robertdavidgraham/cve-2015-5477
>
>
>
>
>
> 2015-07-28 19:51 GMT-03:00 Rubens Kuhl <rubensk at gmail.com>:
>
> > https://kb.isc.org/article/AA-01272
> >
> > Resumo:
> >
> > *Solution:* Upgrade to the patched release most closely related to
> > your current version of BIND. These can be downloaded from
> > http://www.isc.org/downloads.
> >
> > - BIND 9 version 9.9.7-P2
> > - BIND 9 version 9.10.2-P3
> >
> >
> > Rubens
> > --
> > gter list https://eng.registro.br/mailman/listinfo/gter
> >
> --
> gter list https://eng.registro.br/mailman/listinfo/gter
> --
> gter list https://eng.registro.br/mailman/listinfo/gter
More information about the gter
mailing list