Debian: 'bind' DoS

    Date12 Nov 2000
    CategoryDebian
    2537
    Posted ByLinuxSecurity Advisories
    The version of BIND shipped with Debian GNU/Linux 2.2 is vulnerable toa remote denial of service attack
    
    - ----------------------------------------------------------------------------
    Debian Security Advisory                                 This email address is being protected from spambots. You need JavaScript enabled to view it. 
    http://www.debian.org/security/                            Daniel Jacobowitz
    November 12, 2000
    - ----------------------------------------------------------------------------
    
    Package: bind
    Vulnerability: remote Denial of Service
    Debian-specific: no
    Vulnerable: yes
    
    The version of BIND shipped with Debian GNU/Linux 2.2 is vulnerable to
    a remote denial of service attack, which can cause the nameserver to crash
    after accessing an uninitialized pointer.  This problem is fixed in the current
    maintenance release of BIND, 8.2.2P7, and in the Debian package version
    8.2.2p7-1 for both stable and unstable releases.
    
    We recommend that all users of bind upgrade immediately.
    
    Debian GNU/Linux 2.1 alias slink
    - --------------------------------
    
      Slink is no longer being supported by the Debian Security Team.  We highly
      recommend an upgrade to the current stable release.
    
    Debian GNU/Linux 2.2 (stable) alias potato
    - ------------------------------------------
    
      Fixes are currently available for the Alpha, ARM, Intel ia32, Motorola 680x0,
      PowerPC and Sun SPARC architectures, and will be included in 2.2r2.
    
      Source archives:
        
    http://security.debian.org/dists/potato/updates/main/source/bind_8.2.2p7-1.diff.gz
          MD5 checksum: 9cde4283e855aa1bf467839af6eb32b5
        
    http://security.debian.org/dists/potato/updates/main/source/bind_8.2.2p7-1.dsc
          MD5 checksum: 7b082b218f267938627bf1657502deb0
        
    http://security.debian.org/dists/potato/updates/main/source/bind_8.2.2p7.orig.tar.gz
          MD5 checksum: a37996a13eca6667392d575611d48d10
    
      Alpha architecture:
        
    http://security.debian.org/dists/potato/updates/main/binary-alpha/bind-dev_8.2.2p7-1_alpha.deb
          MD5 checksum: 2315ecbe3d12e3b63990d3c3865757c7
        
    http://security.debian.org/dists/potato/updates/main/binary-alpha/bind_8.2.2p7-1_alpha.deb
          MD5 checksum: 714123acb9343215f1db7069a852097b
        
    http://security.debian.org/dists/potato/updates/main/binary-alpha/dnsutils_8.2.2p7-1_alpha.deb
          MD5 checksum: 52674605ace1f92dace748d2f395a25e
    
      ARM architecture:
        
    http://security.debian.org/dists/potato/updates/main/binary-arm/bind-dev_8.2.2p7-1_arm.deb
          MD5 checksum: ee34a99274fb5c39d7827022f97f90cd
        
    http://security.debian.org/dists/potato/updates/main/binary-arm/bind_8.2.2p7-1_arm.deb
          MD5 checksum: 479bc6ee1ec7420dd66492ee86a0b4f2
        
    http://security.debian.org/dists/potato/updates/main/binary-arm/dnsutils_8.2.2p7-1_arm.deb
          MD5 checksum: 9f2993e930fe124b7d781f7fcf7dd9f5
    
      Intel ia32 architecture:
        
    http://security.debian.org/dists/potato/updates/main/binary-i386/bind-dev_8.2.2p7-1_i386.deb
          MD5 checksum: 513489234a54cf0ec315614ad4d3eb6c
        
    http://security.debian.org/dists/potato/updates/main/binary-i386/bind_8.2.2p7-1_i386.deb
          MD5 checksum: e43bcbf9ea61557df87a96d3554d4a51
        
    http://security.debian.org/dists/potato/updates/main/binary-i386/dnsutils_8.2.2p7-1_i386.deb
          MD5 checksum: bda3b5b518413f158b7e22c86bcd256e
    
      Motorola 680x0 architecture:
        
    http://security.debian.org/dists/potato/updates/main/binary-m68k/bind-dev_8.2.2p7-1_m68k.deb
          MD5 checksum: fa8e79eb6df63bdb61571e0de4fd104d
        
    http://security.debian.org/dists/potato/updates/main/binary-m68k/bind_8.2.2p7-1_m68k.deb
          MD5 checksum: a20d3db55060efffe2751d06d73d2e3b
        
    http://security.debian.org/dists/potato/updates/main/binary-m68k/dnsutils_8.2.2p7-1_m68k.deb
          MD5 checksum: e882f568805162ded8d96d88a69f6bdb
    
      PowerPC architecture:
     
    http://security.debian.org/dists/potato/updates/main/binary-powerpc/bind-dev_8.2.2p7-1_powerpc.deb
          MD5 checksum: 7224113410d6c8d35facbb8a017c612b
        
    http://security.debian.org/dists/potato/updates/main/binary-powerpc/bind_8.2.2p7-1_powerpc.deb
          MD5 checksum: 8cad0e6aedcbbd73d6341dcc7dda23f9
        
    http://security.debian.org/dists/potato/updates/main/binary-powerpc/dnsutils_8.2.2p7-1_powerpc.deb
          MD5 checksum: c25d9943a4a508eb80e6e9d1c564eb29
    
      Sun Sparc architecture:
        
    http://security.debian.org/dists/potato/updates/main/binary-sparc/bind-dev_8.2.2p7-1_sparc.deb
          MD5 checksum: 022fe932c1b25fb6d59d5031de8a04ba
        
    http://security.debian.org/dists/potato/updates/main/binary-sparc/bind_8.2.2p7-1_sparc.deb
          MD5 checksum: b7c02ca550277dce564375ff28ef0f2a
        
    http://security.debian.org/dists/potato/updates/main/binary-sparc/dnsutils_8.2.2p7-1_sparc.deb
          MD5 checksum: c98c594c4846ff7a639a020e42ae7462
    
    Debian GNU/Linux Unstable alias woody
    - -------------------------------------
    
      This version of Debian is not yet released.
    
      Fixes will be available for Alpha, ARM, Intel ia32, Motorola 680x0,
      PowerPC, and SPARC in the Debian archive tomorrow.  The fixed packages
      listed above may also be installed on unstable systems.
    
    - ----------------------------------------------------------------------------
    For apt-get: deb  http://security.debian.org/ stable/updates main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"7","type":"x","order":"1","pct":58.33,"resources":[]},{"id":"88","title":"Should be more technical","votes":"3","type":"x","order":"2","pct":25,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"2","type":"x","order":"3","pct":16.67,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    Advisories

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.