[GTER] RES: Vulnerabilidade DoS no BIND

willian pires willian_pires at hotmail.com
Sun Aug 9 01:13:56 -03 2015


Centos 6.5 
[root at resolver02 ~]# uname -r 2.6.32-431.el6.x86_64

[root at resolver02 ~]# named -vBIND 9.8.2rc1-RedHat-9.8.2-0.23.rc1.el6_5.1
Sussa sem vulnerabilidade.

From: willian_pires at hotmail.com
To: gter at eng.registro.br
Subject: RE: [GTER] RES:  Vulnerabilidade DoS no BIND
Date: Sun, 9 Aug 2015 00:09:20 -0400




Para minha tristeza
# named -v                                                                                                                                                                          BIND 9.4.2-P2# uname -a                                                                                                                                                                          OpenBSD s0s1-verg01.my.domain 5.4 GENERIC#31 sparc64
Tambem craschou ! 
09-Aug-2015 01:08:22.216 client 179.110.216.238#50244: UDP request09-Aug-2015 01:08:22.216 client 179.110.216.238#50244: using view '_bind'09-Aug-2015 01:08:22.216 client 179.110.216.238#50244: request is not signed09-Aug-2015 01:08:22.216 client 179.110.216.238#50244: recursion not available09-Aug-2015 01:08:22.216 client 179.110.216.238#50244: query09-Aug-2015 01:08:22.216 client 179.110.216.238#50244: query 'version.bind/TXT/CH' approved09-Aug-2015 01:08:22.217 client 179.110.216.238#50244: send09-Aug-2015 01:08:22.217 client 179.110.216.238#50244: sendto09-Aug-2015 01:08:22.217 client 179.110.216.238#50244: senddone09-Aug-2015 01:08:22.217 client 179.110.216.238#50244: next09-Aug-2015 01:08:22.217 client 179.110.216.238#50244: endrequest09-Aug-2015 01:08:22.217 client @0x43c3bf7000: udprecv09-Aug-2015 01:08:22.232 client 179.110.216.238#50244: UDP request09-Aug-2015 01:08:22.232 client 179.110.216.238#50244: using view '_default'09-Aug-2015 01:08:22.232 client 179.110.216.238#50244: request is not signed09-Aug-2015 01:08:22.232 client 179.110.216.238#50244: recursion not available09-Aug-2015 01:08:22.232 client 179.110.216.238#50244: query09-Aug-2015 01:08:22.232 /usr/src/usr.sbin/bind/lib/dns/message.c:2230: REQUIRE(*name == ((void *)0)) failed09-Aug-2015 01:08:22.232 exiting (due to assertion failure)

> From: leonardo.ortiz at marisolsa.com
> To: gter at eng.registro.br
> Date: Tue, 4 Aug 2015 15:52:03 +0000
> Subject: [GTER] RES:  Vulnerabilidade DoS no BIND
> 
> Testamos o Exploit aqui e foi "pimba", daemon do bind deu crash bonito. Após a atualização 9.10.2-P3 o problema foi resolvido.
> 
> 
> 
> -----Mensagem original-----
> De: gter [mailto:gter-bounces at eng.registro.br] Em nome de Wilson Rogerio Lopes
> Enviada em: segunda-feira, 3 de agosto de 2015 14:55
> Para: Grupo de Trabalho de Engenharia e Operacao de Redes
> Assunto: Re: [GTER] Vulnerabilidade DoS no BIND
> 
> Já tem exploit publicado
> 
> https://github.com/robertdavidgraham/cve-2015-5477
> 
> 
> 
> 
> 
> 2015-07-28 19:51 GMT-03:00 Rubens Kuhl <rubensk at gmail.com>:
> 
> > https://kb.isc.org/article/AA-01272
> >
> > Resumo:
> >
> > *Solution:*  Upgrade to the patched release most closely related to 
> > your current version of BIND.  These can be downloaded from 
> > http://www.isc.org/downloads.
> >
> >    - BIND 9 version 9.9.7-P2
> >    - BIND 9 version 9.10.2-P3
> >
> >
> > Rubens
> > --
> > gter list    https://eng.registro.br/mailman/listinfo/gter
> >
> --
> gter list    https://eng.registro.br/mailman/listinfo/gter
> --
> gter list    https://eng.registro.br/mailman/listinfo/gter
 		 	   		   		 	   		  


More information about the gter mailing list