Overview
A vulnerability in the BIND name server could allow a remote attacker to cause a denial of service against an affected system.
Description
The Berkeley Internet Name Domain (BIND) is a popular Domain Name System (DNS) implementation from Internet Systems Consortium (ISC). BIND supports the DNS Security Extensions (DNSSEC), including the NextSECure (NSEC) RDATA Format defined by RFC 3845. An incorrect assumption in the validator function authvalidated() can result in an internal consistency test failing and named exiting. An attacker with the ability to craft specific DNS packets could exploit this vulnerability to cause a denial of service. This vulnerability only affects BIND version 9.3.0.
Impact
A remote attacker may be able to cause the name server daemon to exit prematurely, thereby causing a denial of service for DNS operations.
Solution
Apply a patch from the vendor
Patches have been released in response to this issue. Please see the Systems Affected section of this document.
Workarounds
Vendor Information
FreeBSD Affected
Notified: January 17, 2005 Updated: June 21, 2005
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The FreeBSD security team has released FreeBSD Security Advisory FreeBSD-SA-05:12.bind9 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
ISC Affected
Updated: January 25, 2005
Status
Affected
Vendor Statement
Workaround:
Turn off dnssec validation (off by default) at
the options/view level.
- dnssec-enable no;
Fix:
- Upgrade to BIND 9.3.1
http://www.isc.org/sw/bind/
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
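An added example (not part of the advisory or of ISC's statement): a shell check that combines the two conditions stated on this page, a version of exactly 9.3.0 and `dnssec-enable` turned on at the options or view level. The function names, the `review` result for suffixed or unparseable version strings, and the sample configuration are assumptions made for the example.

```shell
#!/bin/sh
# Exposure check for VU#938617 (added example, constructed sample data).
# Limits: does not follow "include" files, and treats an active
# "dnssec-enable yes" anywhere (options or any view) as validation being on.

# Print a named.conf with /* */, // and # comments removed.
strip_comments() {
    awk '{
        line = $0; out = ""
        while (line != "") {
            if (inblock) {                      # inside a block comment
                i = index(line, "*/")
                if (!i) break                   # comment continues on next line
                line = substr(line, i + 2); inblock = 0
                continue
            }
            b = index(line, "/*")               # start of a block comment
            c = match(line, /\/\/|#/)           # start of a line comment
            if (c && (!b || c < b)) { out = out substr(line, 1, c - 1); break }
            if (!b) { out = out line; break }
            out = out substr(line, 1, b - 1)
            line = substr(line, b + 2); inblock = 1
        }
        print out
    }' "$1"
}

# Succeeds if an uncommented statement sets dnssec-enable to a true value
# (yes, true or 1, optionally quoted).
dnssec_validation_on() {
    strip_comments "$1" |
        grep -Eiq 'dnssec-enable[[:space:]]+"?(yes|true|1)"?[[:space:]]*;'
}

# Extract the version token from "named -v" style output: "BIND 9.3.0" -> "9.3.0".
named_version() {
    printf '%s\n' "$1" |
        sed -n 's/^BIND[[:space:]]\{1,\}\([^[:space:]]\{1,\}\).*/\1/p' | head -n 1
}

# assess VERSION_STRING CONFIG_FILE
# Prints: exposed | validation-off | not-affected | review
assess() {
    ver=$(named_version "$1")
    case "$ver" in
        9.3.0)      ;;                          # the only version the note lists
        ""|9.3.0?*) echo review; return ;;      # unparseable or suffixed build
        *)          echo not-affected; return ;;
    esac
    if dnssec_validation_on "$2"; then echo exposed; else echo validation-off; fi
}

# Constructed sample configuration: two commented-out settings that must be
# ignored, an options-level "no", and a view-level override that re-enables it.
sample=$(mktemp)
cat > "$sample" <<'EOF'
options {
    directory "/var/named";
    // dnssec-enable yes;
    /* dnssec-enable yes; */
    dnssec-enable no;
};
view "internal" {
    dnssec-enable yes;   # view-level override
};
EOF
echo "BIND 9.3.0, sample config: $(assess 'BIND 9.3.0' "$sample")"
echo "BIND 9.3.1, sample config: $(assess 'BIND 9.3.1' "$sample")"
rm -f "$sample"
```

On a real host the same check is `assess "$(named -v)" /path/to/named.conf`, with the path adjusted to the local installation.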
MandrakeSoft Affected
Notified: January 17, 2005 Updated: January 31, 2005
Status
Affected
Vendor Statement
Mandrakesoft has fixed VU#938617 in advisory MDKSA-2005:023. We do not
ship any products with BIND 8 so are not vulnerable to VU#327633.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
Mandrakesoft has published Mandrakelinux Security Update Advisory MDKSA-2005:023 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.
Trustix Secure Linux Affected
Updated: February 16, 2005
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
The Trustix development team has published Trustix Secure Linux Security Advisory #2005-0003 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.
Apple Computer Inc. Not Affected
Notified: January 17, 2005 Updated: March 18, 2005
Status
Not Affected
Vendor Statement
Mac OS X 10.2, Mac OS X Server 10.2, and later do not contain this issue as the DNS packages distributed are not susceptible to the vulnerability described in this advisory.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Check Point Not Affected
Notified: January 17, 2005 Updated: January 24, 2005
Status
Not Affected
Vendor Statement
Check Point products are not vulnerable to these issues.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Debian Not Affected
Notified: January 17, 2005 Updated: January 25, 2005
Status
Not Affected
Vendor Statement
It seems that Debian stable is not vulnerable to either vulnerability
and Debian testing/unstable is only vulnerable to CAN-2005-033 (VU#327633).
The versions included are too old and the vulnerability does not seem to
be present in the older versions indeed.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Hitachi Not Affected
Notified: January 17, 2005 Updated: January 20, 2005
Status
Not Affected
Vendor Statement
NOT VULNERABLE
Hitachi HI-UX/WE2 is NOT Vulnerable to this issue.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
IBM Not Affected
Notified: January 17, 2005 Updated: January 24, 2005
Status
Not Affected
Vendor Statement
The AIX Operating System is not vulnerable to the issues discussed in CERT
Vulnerability Notes VU#938617, VU#327633 or any Technical Cyber Security
Alerts related to these issues.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
InfoBlox Not Affected
Notified: February 04, 2005 Updated: March 18, 2005
Status
Not Affected
Vendor Statement
VU #938617: BIND 9.3.0 vulnerable to denial of service in validator code
The Infoblox DNS One product is not vulnerable.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Juniper Networks Not Affected
Notified: January 17, 2005 Updated: January 24, 2005
Status
Not Affected
Vendor Statement
Juniper Networks products are not susceptible to this vulnerability
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
NEC Corporation Not Affected
Notified: January 17, 2005 Updated: March 18, 2005
Status
Not Affected
Vendor Statement
* NEC products are NOT susceptible to this vulnerability.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Red Hat Inc. Not Affected
Notified: January 17, 2005 Updated: January 18, 2005
Status
Not Affected
Vendor Statement
Red Hat Enterprise Linux ships with a BIND package, however we have verified
that the versions included in Red Hat Enterprise Linux are not vulnerable to
these issues.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Sun Microsystems Inc. Not Affected
Notified: January 17, 2005 Updated: January 24, 2005
Status
Not Affected
Vendor Statement
Sun is not affected by either of these vulnerabilities. No version of
Solaris ships with any of the affected versions of BIND and the Sun Java
Desktop System (Linux) doesn't ship an affected version of BIND either.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Adns Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
BlueCat Networks Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Conectiva Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Cray Inc. Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
EMC Corporation Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Engarde Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
F5 Networks Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Fujitsu Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
GNU glibc Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Hewlett-Packard Company Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
IBM eServer Unknown
Notified: January 17, 2005 Updated: February 01, 2005
Status
Unknown
Vendor Statement
For information related to this and other published CERT
Advisories that may relate to the IBM eServer Platforms (xSeries,
iSeries, pSeries, and zSeries) please go to
https://app-06.www.ibm.com/servers/resourcelink/lib03020.nsf/pages/securityalerts?OpenDocument&pathID=
In order to access this information you will require a Resource Link ID.
To subscribe to Resource Link go to
http://app-06.www.ibm.com/servers/resourcelink
and follow the steps for registration.
All questions should be referred to servsec@us.ibm.com.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
IBM-zSeries Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Immunix Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Ingrian Networks Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Lucent Technologies Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Men&Mice Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
MetaSolv Software Inc. Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Microsoft Corporation Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
MontaVista Software Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
NetBSD Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Nokia Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Nortel Networks Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Novell Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
OpenBSD Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Openwall GNU/*/Linux Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
SCO-LINUX Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
SCO-UNIX Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
SGI Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Sequent Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Sony Corporation Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
SuSE Inc. Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
TurboLinux Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Unisys Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Wind River Systems Inc. Unknown
Notified: January 17, 2005 Updated: January 17, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Acknowledgements
Thanks to Joao Damas of the Internet Systems Consortium for reporting this vulnerability.
This document was written by Chad Dougherty based on information provided by ISC.
Other Information
CVE IDs: CVE-2005-0034
Severity Metric: 1.91
Date Public: 2005-01-25
Date First Published: 2005-01-25
Date Last Updated: 2005-06-21 13:36 UTC
Document Revision: 20