CVE-2002-1221
CVSS5.0
发布时间 :2002-11-29 00:00:00
修订时间 :2016-10-17 22:24:54
NMCOS    

[原文]BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.


[CNNVD]ISC BIND SIG资源记录无效过期时间拒绝服务攻击漏洞(CNNVD-200211-066)

        
        BIND是一个应用非常广泛的DNS协议的实现,由ISC(Internet Software Consortium)负责维护,具体的开发由Nominum(www.nominum.com)公司来完成。
        允许递归查询的BIND 8服务器可能会由于使用一个无效空指针而造成服务中断。一个控制了一个权威域名服务器的攻击者可以导致受影响的BIND 8服务器试图缓存带有无效过期时间的SIG资源记录的信息。这些记录会被从BIND内部数据库中删除,但BIND仍然会错误地引用这些记录,从而造成拒绝服务攻击。
        

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/a:isc:bind:8.2ISC BIND 8.2
cpe:/a:isc:bind:8.1.1ISC BIND 8.1.1
cpe:/a:isc:bind:8.1.2ISC BIND 8.1.2
cpe:/a:isc:bind:8.2.1ISC BIND 8.2.1
cpe:/a:isc:bind:8.3.0ISC BIND 8.3.0
cpe:/a:isc:bind:8.1ISC BIND 8.1
cpe:/a:isc:bind:8.2.4ISC BIND 8.2.4
cpe:/a:isc:bind:8.3.3ISC BIND 8.3.3
cpe:/o:openbsd:openbsd:3.0OpenBSD 3.0
cpe:/a:isc:bind:8.2.5ISC BIND 8.2.5
cpe:/a:isc:bind:8.2.2ISC BIND 8.2.2
cpe:/a:isc:bind:8.3.1ISC BIND 8.3.1
cpe:/a:isc:bind:8.2.3ISC BIND 8.2.3
cpe:/a:isc:bind:8.3.2ISC BIND 8.3.2
cpe:/o:freebsd:freebsd:4.6FreeBSD 4.6
cpe:/o:freebsd:freebsd:4.7FreeBSD 4.7
cpe:/a:isc:bind:8.2.6ISC BIND 8.2.6
cpe:/o:openbsd:openbsd:3.2OpenBSD 3.2
cpe:/o:openbsd:openbsd:3.1OpenBSD 3.1
cpe:/o:freebsd:freebsd:4.4FreeBSD 4.4
cpe:/o:freebsd:freebsd:4.5FreeBSD 4.5

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:2094BIND DoS via SIG RR Elements
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1221
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-1221
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200211-066
(官方数据源) CNNVD

- 其它链接及资源

http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469
(VENDOR_ADVISORY)  ISS  20021112 Multiple Remote Vulnerabilities in BIND4 and BIND8
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000546
(UNKNOWN)  CONECTIVA  CLA-2002:546
http://lists.apple.com/archives/Security-announce/2002/Nov/msg00000.html
(UNKNOWN)  APPLE  2002-11-21
http://marc.info/?l=bugtraq&m=103713117612842&w=2
(UNKNOWN)  BUGTRAQ  20021112 [Fwd: Notice of serious vulnerabilities in ISC BIND 4 & 8]
http://marc.info/?l=bugtraq&m=103763574715133&w=2
(UNKNOWN)  BUGTRAQ  20021118 TSLSA-2002-0076 - bind
http://online.securityfocus.com/advisories/4999
(UNKNOWN)  COMPAQ  SSRT2408
http://online.securityfocus.com/archive/1/300019
(UNKNOWN)  BUGTRAQ  20021115 [OpenPKG-SA-2002.011] OpenPKG Security Advisory (bind, bind8)
http://www.cert.org/advisories/CA-2002-31.html
(UNKNOWN)  CERT  CA-2002-31
http://www.ciac.org/ciac/bulletins/n-013.shtml
(UNKNOWN)  CIAC  N-013
http://www.debian.org/security/2002/dsa-196
(UNKNOWN)  DEBIAN  DSA-196
http://www.isc.org/products/BIND/bind-security.html
(VENDOR_ADVISORY)  CONFIRM  http://www.isc.org/products/BIND/bind-security.html
http://www.kb.cert.org/vuls/id/581682
(UNKNOWN)  CERT-VN  VU#581682
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-077.php
(UNKNOWN)  MANDRAKE  MDKSA-2002:077
http://www.securityfocus.com/bid/6159
(UNKNOWN)  BID  6159
http://xforce.iss.net/xforce/xfdb/10333
(UNKNOWN)  XF  bind-null-dereference-dos(10333)

- 漏洞信息

ISC BIND SIG资源记录无效过期时间拒绝服务攻击漏洞
中危 其他
2002-11-29 00:00:00 2005-05-13 00:00:00
远程  
        
        BIND是一个应用非常广泛的DNS协议的实现,由ISC(Internet Software Consortium)负责维护,具体的开发由Nominum(www.nominum.com)公司来完成。
        允许递归查询的BIND 8服务器可能会由于使用一个无效空指针而造成服务中断。一个控制了一个权威域名服务器的攻击者可以导致受影响的BIND 8服务器试图缓存带有无效过期时间的SIG资源记录的信息。这些记录会被从BIND内部数据库中删除,但BIND仍然会错误地引用这些记录,从而造成拒绝服务攻击。
        

- 公告与补丁

        临时解决方法:
        * 如果您并不需要提供递归查询, 您可以关闭之. 在大多数情况下, 递归查询都是可
         以关闭的,具体方法可参考如下步骤:
         打开BIND配置文件named.conf(例如/etc/named.conf),在options栏中增加下列行:
         recursion no;
         例如:
         options {
         ...
         recursion no;
         ...
         };
         重新起动BIND服务以使修改生效。
        * 升级到BIND 9, 例如BIND 9.2.1:
         ftp://ftp.isc.org/isc/bind9/9.2.1/bind-9.2.1.tar.gz
        厂商补丁:
        ISC
        ---
        ISC已经在BIND 4.9.11, 8.2.7, 8.3.4中修复了这一漏洞。如果您只想安装补丁修补当前BIND系统,可访问如下链接获取补丁文件:
        
        http://www.isc.org/products/BIND/bind-security.html

- 漏洞信息

9725
ISC BIND SIG RR Elements Invalid Expirty Times DoS
Denial of Service
Loss of Availability

- 漏洞描述

Unknown or Incomplete

- 时间线

2002-11-12 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

ISC BIND 8 Invalid Expiry Time Denial Of Service Vulnerability
Failure to Handle Exceptional Conditions 6159
Yes No
2002-11-12 12:00:00 2009-07-11 07:16:00
Discovery of this vulnerability credited to Neel Mehta of ISS X-Force.

- 受影响的程序版本

Sun Solaris 9
Sun Solaris 8_x86
Sun Solaris 8_sparc
Sun Solaris 7.0_x86
Sun Solaris 7.0
Sun Cobalt RaQ XTR
SCO Open Server 5.0.7
SCO Open Server 5.0.6
SCO Open Server 5.0.5
OpenBSD OpenBSD 3.2
OpenBSD OpenBSD 3.1
OpenBSD OpenBSD 3.0
ISC BIND 8.3.3
+ Apple Mac OS X 10.2.2
+ Apple Mac OS X 10.2.1
+ Apple Mac OS X 10.2
+ Apple Mac OS X 10.1.5
+ Apple Mac OS X 10.1.4
+ Apple Mac OS X 10.1.3
+ Apple Mac OS X 10.1.2
+ Apple Mac OS X 10.1.1
+ Apple Mac OS X 10.1
+ Apple Mac OS X 10.1
+ Apple Mac OS X Server 10.2.2
+ Apple Mac OS X Server 10.2.1
+ Apple Mac OS X Server 10.2
+ Apple Mac OS X Server 10.0
+ Debian Linux 3.0
+ FreeBSD FreeBSD 4.7 -RELEASE
+ FreeBSD FreeBSD 4.7
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 7.2
+ OpenPKG OpenPKG 1.1
+ OpenPKG OpenPKG Current
ISC BIND 8.3.2
+ FreeBSD FreeBSD 4.6 -RELEASE
+ FreeBSD FreeBSD 4.6
ISC BIND 8.3.1
ISC BIND 8.3 .0
ISC BIND 8.2.6
+ Conectiva Linux 6.0
+ OpenPKG OpenPKG 1.0
+ Trustix Secure Linux 1.5
+ Trustix Secure Linux 1.2
ISC BIND 8.2.5
+ OpenPKG OpenPKG 1.0
+ Trustix Secure Linux 1.5
ISC BIND 8.2.4
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux 8.0
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3
+ Trustix Secure Linux 1.2
ISC BIND 8.2.3
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1.1
+ Caldera OpenLinux Workstation 3.1
+ Debian Linux 2.2
+ EnGarde Secure Linux 1.0.1
+ Immunix Immunix OS 7+
ISC BIND 8.2.2
ISC BIND 8.2.1
ISC BIND 8.2
- Caldera OpenLinux 2.2
- Caldera OpenLinux 1.3
- Caldera UnixWare 7.1.1
- IBM AIX 4.3.3
- IBM AIX 4.3.2
- IBM AIX 4.3.1
- IBM AIX 4.3
- RedHat Linux 6.1 i386
- RedHat Linux 6.0
- RedHat Linux 5.2 i386
- RedHat Linux 5.1
- RedHat Linux 5.0
- RedHat Linux 4.2
- RedHat Linux 4.1
- RedHat Linux 4.0
- Slackware Linux 4.0
ISC BIND 8.1.2
+ HP HP-UX 11.11
+ HP HP-UX 11.0
ISC BIND 8.1.1
ISC BIND 8.1
FreeBSD FreeBSD 4.7
FreeBSD FreeBSD 4.6
FreeBSD FreeBSD 4.5
FreeBSD FreeBSD 4.4
Compaq Tru64 5.1 b PK1 (BL1)
Compaq Tru64 5.1 b
Compaq Tru64 5.1 a PK3 (BL3)
Compaq Tru64 5.1 a PK2 (BL2)
Compaq Tru64 5.1 a PK1 (BL1)
Compaq Tru64 5.1 a
Compaq Tru64 5.1 PK5 (BL19)
Compaq Tru64 5.1 PK4 (BL18)
Compaq Tru64 5.1 PK3 (BL17)
Compaq Tru64 5.1
Compaq Tru64 5.0 a PK3 (BL17)
Compaq Tru64 5.0 a
Compaq Tru64 4.0 g PK3 (BL17)
Compaq Tru64 4.0 g
Compaq Tru64 4.0 f PK7 (BL18)
Compaq Tru64 4.0 f PK6 (BL17)
Compaq Tru64 4.0 f
Astaro Security Linux 3.2 11
Astaro Security Linux 3.2 10
Astaro Security Linux 3.2 00
Astaro Security Linux 2.0 30
Astaro Security Linux 2.0 27
Astaro Security Linux 2.0 26
Astaro Security Linux 2.0 25
Astaro Security Linux 2.0 24
Astaro Security Linux 2.0 23
Astaro Security Linux 2.0 16
ISC BIND 9.2.1
+ Caldera OpenUnix 8.0
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 7.2
+ SCO Unixware 7.1.3
ISC BIND 9.2
+ Conectiva Linux 8.0
+ Conectiva Linux 8.0
+ HP HP-UX 11.11
+ HP HP-UX 11.11
+ HP HP-UX 11.0
+ HP HP-UX 11.0
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.1
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3
+ RedHat Linux 7.3
ISC BIND 9.1.3
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i686
+ RedHat Linux 7.2 i586
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 i386
+ S.u.S.E. Linux 7.3
ISC BIND 9.1.2
+ Conectiva Linux 7.0
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.2
ISC BIND 9.1.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
ISC BIND 9.1
+ Caldera OpenUnix 8.0
+ HP Secure OS software for Linux 1.0
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1
ISC BIND 9.0
+ S.u.S.E. Linux 7.0 sparc
+ S.u.S.E. Linux 7.0 ppc
+ S.u.S.E. Linux 7.0 i386
+ S.u.S.E. Linux 7.0 alpha
+ S.u.S.E. Linux 7.0
ISC BIND 8.3.4
+ Apple Mac OS X 10.2.4
+ Apple Mac OS X 10.2.3
+ Apple Mac OS X Server 10.2.4
+ Apple Mac OS X Server 10.2.3
+ S.u.S.E. Linux Personal 8.2
ISC BIND 8.2.7
ISC BIND 4.9.11
ISC BIND 4.9.10
ISC BIND 4.9.9
ISC BIND 4.9.8
ISC BIND 4.9.7
+ HP HP-UX 11.0 4
+ HP HP-UX 11.0
+ HP HP-UX 10.24
+ HP HP-UX 10.20
+ HP HP-UX 10.10
ISC BIND 4.9.6
ISC BIND 4.9.5
ISC BIND 4.9.4
ISC BIND 4.9.3
ISC BIND 4.9
Astaro Security Linux 3.2 12

- 不受影响的程序版本

ISC BIND 9.2.1
+ Caldera OpenUnix 8.0
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 7.2
+ SCO Unixware 7.1.3
ISC BIND 9.2
+ Conectiva Linux 8.0
+ Conectiva Linux 8.0
+ HP HP-UX 11.11
+ HP HP-UX 11.11
+ HP HP-UX 11.0
+ HP HP-UX 11.0
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.1
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3
+ RedHat Linux 7.3
ISC BIND 9.1.3
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i686
+ RedHat Linux 7.2 i586
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 i386
+ S.u.S.E. Linux 7.3
ISC BIND 9.1.2
+ Conectiva Linux 7.0
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.2
ISC BIND 9.1.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
ISC BIND 9.1
+ Caldera OpenUnix 8.0
+ HP Secure OS software for Linux 1.0
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1
ISC BIND 9.0
+ S.u.S.E. Linux 7.0 sparc
+ S.u.S.E. Linux 7.0 ppc
+ S.u.S.E. Linux 7.0 i386
+ S.u.S.E. Linux 7.0 alpha
+ S.u.S.E. Linux 7.0
ISC BIND 8.3.4
+ Apple Mac OS X 10.2.4
+ Apple Mac OS X 10.2.3
+ Apple Mac OS X Server 10.2.4
+ Apple Mac OS X Server 10.2.3
+ S.u.S.E. Linux Personal 8.2
ISC BIND 8.2.7
ISC BIND 4.9.11
ISC BIND 4.9.10
ISC BIND 4.9.9
ISC BIND 4.9.8
ISC BIND 4.9.7
+ HP HP-UX 11.0 4
+ HP HP-UX 11.0
+ HP HP-UX 10.24
+ HP HP-UX 10.20
+ HP HP-UX 10.10
ISC BIND 4.9.6
ISC BIND 4.9.5
ISC BIND 4.9.4
ISC BIND 4.9.3
ISC BIND 4.9
Astaro Security Linux 3.2 12

- 漏洞讨论

A denial of service vulnerability has been reported for ISC BIND 8. The vulnerability is due to caching of SIG RR (resource records) with invalid expiry times.

An attacker who controls an authoritative name server may be able to cause vulnerable BIND 8 servers to cache invalid SIG RR elements. When the vulnerable DNS server attempts to reference the SIG RR elements it will result in the denial of service condition.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

ISC has stated that new versions of BIND 4 and 8 will be available in the near future. Users are advised to contact ISC for further details. ISC has released patches for some versions.

Sun have released a security update to address this issue in the RAQ XTR. Please see references section for further details. A fix is linked below.

SCO has released a security advisory to address this issue in OpenServer (CSSA-2003-SCO.17.1). Further information relating to obtaining and applying fixes can be found in the referenced advisory.

FreeBSD has released an advisory. Users are advised to update systems to the 4.7-STABLE branch or to the appropriate RELENG_4_x branch dated after the correction date. A patch is also available. Further details on obtaining and applying fixes can be found in the referenced advisory.

EnGarde Secure Linux has released an advisory. Further information about obtaining and applying fixes can be found in the referenced advisory.

SuSE has released an advisory. Updated packages are available. Further information about obtaining and applying fixes can be found in the referenced advisory.

Mandrake has released an advisory (MDKSA-2002:077) containing fix information. Further information about obtaining and applying fixes can be found in the referenced advisory.

Debian has released an advisory (DSA 196-1) containing fix information. Further information about obtaining and applying fixes can be found in the referenced advisory.

Conectiva has released an advisory (CLA-2002:546) containing fix information. Further information about obtaining and applying fixes can be found in the referenced advisory.

OpenPKG has released an advisory containing upgrades for this and other vulnerabilities. OpenPKG 1.0 users are advised to upgrade to the bind-8.2.6-1.0.2 package or later. OpenPKG 1.1 users are advised to upgrade to the bind8-8.3.3-1.1.1 package or later. OpenPKG CURRENT users are advised to upgrade to the bind8-8.3.3-20021114 package or later. bind-9.2.1-1.1.0 packages are also available for OpenPKG 1.1/CURRENT. Further details on obtaining and applying fixes can be found in the attached reference.

This issue is present in Astaro Security Linux versions prior to Up2Date 3.212. Up2Date 3.211 is the minimum version required for users to install Up2Date 3.212.

Trustix Secure Linux has released an advisory. Further details about obtaining and applying fixes can be found in the referenced advisory.

NetBSD has released an advisory. Details about upgrading vulnerable packages through CVS can be found in the referenced advisory.

SCO has released an advisory and fixes for OpenLinux.

SCO has released a security advisory (CSSA-2003-SCO.2). Information, on obtaining and applying fixes, can be gathered from the reverenced advisory.

Sun recommends disabling recursion if not needed. Patches are available.

Fixes are available:


OpenBSD OpenBSD 3.2

Sun Solaris 8_sparc

OpenBSD OpenBSD 3.0

Sun Cobalt RaQ XTR

Sun Solaris 7.0

Sun Solaris 9

Sun Solaris 7.0_x86

OpenBSD OpenBSD 3.1

Sun Solaris 8_x86

Compaq Tru64 4.0 f PK6 (BL17)

Compaq Tru64 4.0 g PK3 (BL17)

Compaq Tru64 4.0 g

Compaq Tru64 4.0 f

Compaq Tru64 4.0 f PK7 (BL18)

FreeBSD FreeBSD 4.4

FreeBSD FreeBSD 4.5

FreeBSD FreeBSD 4.6

FreeBSD FreeBSD 4.7

Compaq Tru64 5.0 a PK3 (BL17)

Compaq Tru64 5.0 a

Compaq Tru64 5.1 PK4 (BL18)

Compaq Tru64 5.1 b PK1 (BL1)

Compaq Tru64 5.1 a

Compaq Tru64 5.1

Compaq Tru64 5.1 PK5 (BL19)

Compaq Tru64 5.1 a PK1 (BL1)

Compaq Tru64 5.1 a PK2 (BL2)

Compaq Tru64 5.1 a PK3 (BL3)

Compaq Tru64 5.1 b

Compaq Tru64 5.1 PK3 (BL17)

ISC BIND 8.2.3

ISC BIND 8.2.4

ISC BIND 8.2.6

ISC BIND 8.3.3

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站