[INFOSEG] DoS BUG no BIND9

[Leandro M Bertholdo]

Novo Bug afetando BIND9
[ https://www.isc.org/node/474 ]



BIND Dynamic Update DoS
CVE:
	  	CVE-2009-0696 	 
CERT:
	  	VU#725188 	 
Posting date:
	  	2009-07-28 	 
Program Impacted: 
	  	BIND 	 
Versions affected: 
	  	BIND 9 (all versions)
Severity:
	  	High 	 
Exploitable:
	  	remotely 	 
Summary:
	  	BIND denial of service (server crash) caused by receipt of a
specific remote dynamic update message.
Description:

Urgent: this exploit is public. Please upgrade immediately.

Receipt of a specially-crafted dynamic update message may cause BIND 9
servers to exit. This vulnerability affects all servers - it is not limited
to those that are configured to allow dynamic updates. Access controls will
not provide an effective workaround.

dns_db_findrdataset() fails when the prerequisite section of the dynamic
update message contains a record of type "ANY" and where at least one RRset
for this FQDN exists on the server.

db.c:659: REQUIRE(type != ((dns_rdatatype_t)dns_rdatatype_any)) failed
exiting (due to assertion failure).
Workarounds:
None.

(Some sites may have firewalls that can be configured with packet filtering
techniques to prevent nsupdate messages from reaching their nameservers.)
Active exploits:
An active remote exploit is in wide circulation at this time.
Solution:

Upgrade BIND to one of 9.4.3-P3, 9.5.1-P3 or 9.6.1-P1. These versions can be
downloaded from:

    http://ftp.isc.org/isc/bind9/9.6.1-P1/bind-9.6.1-P1.tar.gz

    http://ftp.isc.org/isc/bind9/9.5.1-P3/bind-9.5.1-P3.tar.gz

    http://ftp.isc.org/isc/bind9/9.4.3-P3/bind-9.4.3-P3.tar.gz

Acknowledgement:

Matthias Urlichs
Revision History:

2009-07-28 Initial text