Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

bind9: CVE-2012-4244 - A specially crafted Resource Record could cause named to terminate

Related Vulnerabilities: CVE-2012-4244  

Source

Debian Bug report logs - #693015
bind9: CVE-2012-4244 - A specially crafted Resource Record could cause named to terminate

version graph

Package: bind9; Maintainer for bind9 is Debian DNS Team <team+dns@tracker.debian.org>; Source for bind9 is src:bind9 (PTS, buildd, popcon).

Reported by: Matthew Grant <matthewgrant5@gmail.com>

Date: Mon, 12 Nov 2012 03:15:02 UTC

Severity: grave

Tags: pending, upstream

Merged with 693016

Found in versions bind9/1:9.7.3.dfsg-1, bind9/1:9.8.1.dfsg.P1-4.3

Fixed in versions bind9/1:9.9.2.dfsg-1, bind9/1:9.8.1.dfsg.P1-4.4, bind9/1:9.8.4.dfsg-1, bind9/1:9.7.3.dfsg-1~squeeze7

Done: LaMont Jones <lamont@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, LaMont Jones <lamont@debian.org>:
Bug#693015; Package bind9. (Mon, 12 Nov 2012 03:15:04 GMT) (full text, mbox, link).

Acknowledgement sent to Matthew Grant <matthewgrant5@gmail.com>:
New Bug report received and forwarded. Copy sent to LaMont Jones <lamont@debian.org>. (Mon, 12 Nov 2012 03:15:04 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Matthew Grant <matthewgrant5@gmail.com>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: bind9: CVE-2012-4244 - A specially crafted Resource Record could cause named to terminate
Date: Mon, 12 Nov 2012 16:10:42 +1300
Package: bind9
Version: 1:9.8.1.dfsg.P1-4.3
Severity: normal
Tags: upstream

Dear Maintainer,

This is a remote DoS exploit on a recursive servers, or authorative
servers if RR loaded from file or via zone transfer.

Quoting https://kb.isc.org/article/AA-00778/74

"If a record with RDATA in excess of 65535 bytes is loaded into a
nameserver, a subsequent query for that record will cause named to exit
with an assertion failure."

Fixed in package bind9_9.8.4.dfsg-1 uploaded to unstable.

It's not practical to reliably backport a fix for this.  ISC have
markedly changed data structures and flags to fix other bugs, making
patching risky.  They do not provide access to their VCS.  9.8.4 is
bug fixed upstream version of 9.8.1

Rational for bind9_9.8.4.dfsg-1 package is to make bug fixing wheezy
bind9 easier/more reliable once released.

Please upgrade wheezy bind9 to 9.8.4.dfsg-1

I am a DDwith a C network router programming background, and am
currently working on an ISP DNS system, and have evaluated patchability
for other CVEs, and found too much of a risk of introducing other bugs
when using patches from other ISC versions of bind9 like 9.6ESRV.

Best Regards,

Matthew Grant

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_NZ.UTF-8, LC_CTYPE=en_NZ.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages bind9 depends on:
ii  adduser                3.113+nmu3
ii  bind9utils             1:9.8.1.dfsg.P1-4.3
ii  debconf [debconf-2.0]  1.5.46
ii  libbind9-80            1:9.8.1.dfsg.P1-4.3
ii  libc6                  2.13-35
ii  libcap2                1:2.22-1.2
ii  libdns81               1:9.8.1.dfsg.P1-4.3
ii  libgssapi-krb5-2       1.10.1+dfsg-2
ii  libisc83               1:9.8.1.dfsg.P1-4.3
ii  libisccc80             1:9.8.1.dfsg.P1-4.3
ii  libisccfg82            1:9.8.1.dfsg.P1-4.3
ii  liblwres80             1:9.8.1.dfsg.P1-4.3
ii  libssl1.0.0            1.0.1c-4
ii  lsb-base               4.1+Debian7
ii  net-tools              1.60-24.2
ii  netbase                5.0

bind9 recommends no packages.

Versions of packages bind9 suggests:
pn  bind9-doc   <none>
ii  dnsutils    1:9.8.1.dfsg.P1-4.3
pn  resolvconf  <none>
pn  ufw         <none>

-- Configuration Files:
/etc/bind/named.conf.local changed [not included]

-- debconf information excluded

Merged 693015 693016 Request was from Matthew Grant <matthewgrant5@gmail.com> to control@bugs.debian.org. (Mon, 12 Nov 2012 03:36:05 GMT) (full text, mbox, link).

Marked as fixed in versions bind9/1:9.8.4.dfsg-1. Request was from Matthew Grant <matthewgrant5@gmail.com> to control@bugs.debian.org. (Mon, 12 Nov 2012 03:36:06 GMT) (full text, mbox, link).

Marked as fixed in versions bind9/1:9.9.2.dfsg-1. Request was from Matthew Grant <matthewgrant5@gmail.com> to control@bugs.debian.org. (Mon, 12 Nov 2012 03:36:07 GMT) (full text, mbox, link).

Severity set to 'grave' from 'normal' Request was from Matthew Grant <matthewgrant5@gmail.com> to control@bugs.debian.org. (Mon, 12 Nov 2012 03:39:06 GMT) (full text, mbox, link).

Disconnected #693016 from all other report(s). Request was from Matthew Grant <matthewgrant5@gmail.com> to control@bugs.debian.org. (Mon, 12 Nov 2012 03:45:07 GMT) (full text, mbox, link).

Merged 693015 693016 Request was from Don Armstrong <don@debian.org> to control@bugs.debian.org. (Thu, 15 Nov 2012 20:54:08 GMT) (full text, mbox, link).

Marked as found in versions bind9/1:9.7.3.dfsg-1~squeeze7. Request was from Don Armstrong <don@debian.org> to control@bugs.debian.org. (Thu, 15 Nov 2012 20:57:03 GMT) (full text, mbox, link).

No longer marked as found in versions bind9/1:9.7.3.dfsg-1~squeeze7. Request was from Don Armstrong <don@debian.org> to control@bugs.debian.org. (Thu, 15 Nov 2012 21:15:05 GMT) (full text, mbox, link).

Marked as found in versions bind9/1:9.7.3.dfsg-1. Request was from Don Armstrong <don@debian.org> to control@bugs.debian.org. (Thu, 15 Nov 2012 21:15:06 GMT) (full text, mbox, link).

Marked as fixed in versions bind9/1:9.7.3.dfsg-1~squeeze7. Request was from Don Armstrong <don@debian.org> to control@bugs.debian.org. (Thu, 15 Nov 2012 21:15:07 GMT) (full text, mbox, link).

Marked as fixed in versions bind9/1:9.8.1.dfsg.P1-4.4. Request was from Julien Cristau <jcristau@debian.org> to control@bugs.debian.org. (Sun, 25 Nov 2012 20:39:25 GMT) (full text, mbox, link).

Added tag(s) pending. Request was from LaMont Jones <lamont@debian.org> to control@bugs.debian.org. (Mon, 17 Dec 2012 04:12:03 GMT) (full text, mbox, link).

Marked Bug as done Request was from LaMont Jones <lamont@debian.org> to control@bugs.debian.org. (Fri, 01 Mar 2013 15:27:06 GMT) (full text, mbox, link).

Notification sent to Matthew Grant <matthewgrant5@gmail.com>:
Bug acknowledged by developer. (Fri, 01 Mar 2013 15:27:07 GMT) (full text, mbox, link).

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sat, 30 Mar 2013 07:26:15 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 16:17:44 2019; Machine Name: buxtehude

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started