

DOVES Vulnerability V-00111
DOVES Project
Computer Security Laboratory
Department of Computer Science
University of California at Davis
Brief summary: Some versions of BIND are vulnerable to a remote buffer overflow in the processing of NXT records.
Detailed description: Some versions of BIND fail to properly validate NXT records. This improper validation could allow a remote intruder to overflow a buffer and execute arbitrary code with the privileges of the user running named, typically root.
Components: BIND 8.2, 8.2.1; other versions are not vulnerable
Operating system(s): BSDI BSD/OS 2.0, 2.1, 2.0.1; Caldera OpenLinux Standard 1.0; Data General DG/UX 5.4R3.0, 5.4R4.11; IBM AIX 4.1x, 4.2, 4.2.1, 4.3; ISC BIND 4.9.6, 8.1, 8.1.1; NEC UX/4800 (64); NetBSD NetBSD 1.0, 1.1, 1.2, 1.2.1, 1.3, 1.3.1; RedHat Linux 4.0, 4.1, 4.2, 5.0; SCO Open Desktop 3.0, 5.0; SCO Unixware 2.1, 7.0; SGI IRIX 3.2 - 6.3; Sun Solaris 2.3 - 2.6_x86. Not vulnerable: BSDI BSD/OS 3.0, 4.0; Caldera OpenLinux Standard 1.1, 1.2; FreeBSD 3.3; ISC BIND 4.9.7, 8.1.2; NetBSD NetBSD 1.3.2, 1.3.3, 1.4 x86; RedHat Linux 5.1, 5.2-i386; SCO Open Desktop 3.2v4; SCO Open Server 5.0.x; SCO Unixware 7.0.1, 7.1; SGI IRIX 6.4 and later
The attacker can execute a program as the owner of BIND, always the most privileged user.
How to detect:
How to fix:
Other information:
PA Classification:
RISOS Classification:
Davis Classification:
Common Vulnerability Exposure: Buffer overflow in BIND 8.2 via NXT records. [CVE-1999-0833]
Attacks: See DOVES exploit #109
Advisories:
Related DOVES entries:
Who reported it: David Conrad, Paul Vixie, Bob Halley, Olaf Kirsch of ISC; ISC in BIND advisory: reported the problem to CERT
Send email to doves@cs.ucdavis.edu
Department of Computer Science
University of California at Davis
One Shields Ave.
Davis, CA 95616-8562