CERTA-2002-AVI-116
Vulnerability from certfr_avis

Il est possible de fabriquer un paquet DNS qui, envoyé au serveur, provoquera son arrêt.

Description

Lorsque certains tests de cohérence échouent sur un message, le serveur s'arrête au lieu de simplement rejeter la requête. Des paquets peuvent donc être créés pour déclencher ce comportement et obtenir un déni de service.

Solution

Mettre à jour BIND 9 avec une version au moins égale à la 9.2.1.

  • Sources

    http://www.isc.org/products/BIND/bind9.html

  • Red Hat Linux

    http://rhn.redhat.com/errata/RHSA-2002-105.html

  • Mandrake Linux

    http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-038.php

Tout système utilisant BIND 9 dans une version antérieure à la 9.2.1 (versions 4 et 8 non affectées).

Impacted products
Vendor Product Description
References
Avis CA-2002-15 du CERT/CC None vendor-advisory
Avis du CERT/CC - other

Show details on source website

To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eTout syst\u00e8me utilisant BIND 9 dans une version ant\u00e9rieure \u00e0 la  9.2.1 (versions 4 et 8 non affect\u00e9es).\u003c/P\u003e",
  "content": "## Description\n\nLorsque certains tests de coh\u00e9rence \u00e9chouent sur un message, le serveur\ns\u0027arr\u00eate au lieu de simplement rejeter la requ\u00eate. Des paquets peuvent\ndonc \u00eatre cr\u00e9\u00e9s pour d\u00e9clencher ce comportement et obtenir un d\u00e9ni de\nservice.\n\n## Solution\n\nMettre \u00e0 jour BIND 9 avec une version au moins \u00e9gale \u00e0 la 9.2.1.\n\n-   Sources\n\n        http://www.isc.org/products/BIND/bind9.html\n\n-   Red Hat Linux\n\n        http://rhn.redhat.com/errata/RHSA-2002-105.html\n\n-   Mandrake Linux\n\n        http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-038.php\n",
  "cves": [],
  "initial_release_date": "2002-06-05T00:00:00",
  "last_revision_date": "2002-06-05T00:00:00",
  "links": [
    {
      "title": "Avis du CERT/CC",
      "url": "http://www.kb.cert.org/vuls/id/739123"
    }
  ],
  "reference": "CERTA-2002-AVI-116",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2002-06-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni du service dns assur\u00e9 par bind avec incidences sur tous les protocoles l\u0027utilisant (http, smtp,...)"
    }
  ],
  "summary": "Il est possible de fabriquer un paquet DNS qui, envoy\u00e9 au serveur,\nprovoquera son arr\u00eat.\n",
  "title": "D\u00e9ni de service sur BIND 9",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Avis CA-2002-15 du CERT/CC",
      "url": null
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.