[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Named exiting due to assertion failure



Hi Stephane,
 
Thanks for your reply !
 
I think that only the BIND 9.0 are vulnerabble to attacks. Please see what i read at http://www.kb.cert.org/vuls/id/739123 :
 
A denial-of-service vulnerability exists in version 9 of the Internet Software Consortium's (ISC) Berkeley Internet Name Domain (BIND) server. ISC BIND versions 8 and 4 are not affected. Exploiting this vulnerability will cause vulnerable BIND servers to shut down.
 
Please see also the solution recomended:
 
II. Impact
Exploitation of this vulnerability will cause the vulnerable BIND server to abort and shut down. As a result, the BIND server will not be available unless restarted.
III. Solution
Apply a patch from your vendor or upgrade to BIND 9.2.1. BIND 9.2.1 is available from http://www.isc.org/products/BIND/bind9.html.
 
I am having that problem after installing BIND 9.2.1 version.
 
Regards
 
Jose
 
----- Original Message -----
From: Stephane Bortzmeyer <bortzmeyer at nic.fr>
To: Jose Pereira Van-Dunem <jvd at ebonet.net>
Cc: <afnog at afnog.org>
Sent: Wednesday, June 19, 2002 10:02 AM
Subject: Re: Named exiting due to assertion failure

> On Wed, Jun 19, 2002 at 08:43:06AM +0100,
>  Jose Pereira Van-Dunem <jvd at ebonet.net> wrote
>  a message of 27 lines which said:
>
> > I have installed  the BIND 9.2.1  package. After that, at least 5 times a
> > day, the Named exit due to assertion failure!
>
> This really looks like the last security bug:
>
> http://www.kb.cert.org/vuls/id/739123
>
> It's CERT advisory CA-2002-15. IMHO, network operators MUST subscribe
> to the CERT mailing list and read it.