BIND 8.4.4 and 8.4.5 vulnerable to buffer overflow in q_usedns

ID: CERTVU:327633
Published: 2005-01-25 00:00:00
Source: www.kb.cert.org

CVSS2: 5 Medium

Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS: 0.034 Low (Percentile: 91.5%)

Overview

A vulnerability in the BIND name server could allow a remote attacker to cause a denial of service against an affected system.

Description

The Berkeley Internet Name Domain (BIND) is a popular Domain Name System (DNS) implementation from Internet Systems Consortium (ISC). A buffer overflow error exists in the handling of the q_usedns array used by the server to track nameservers and addresses that have been queried. This vulnerability only affects BIND versions 8.4.4 and 8.4.5.


Impact

A remote attacker may be able to cause the name server daemon to crash, thereby causing a denial of service for DNS operations.


Solution

Apply a patch from the vendor

Patches have been released in response to this issue. Please see the Systems Affected section of this document.

Upgrade

Users who compile their own versions of BIND from the original ISC source code are encouraged to upgrade to BIND version 8.4.6, which includes a patch for this issue.


Workarounds

ISC recommends that users who are unable to apply the patch disable recursion and glue fetching.
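
One way to check that the workaround is actually in effect on a host, as an added example (not code from ISC or CERT). It assumes the BIND 8 `named.conf` option names `recursion` and `fetch-glue`, which both default to `yes` when unset; the function names and the sample configuration are constructed for illustration.

```shell
#!/bin/sh
# Added example (not ISC or CERT code): audit a BIND 8 named.conf for the
# workaround of disabling recursion and glue fetching.

# Succeeds only for the two releases the advisory lists as affected.
bind8_version_affected() {
    case "$1" in
        8.4.4|8.4.5) return 0 ;;
        *)           return 1 ;;
    esac
}

# Print the value given to option $2 at the top level of the options { }
# block in file $1; print nothing if it is not set there.
# Limitation: only # and // comments are stripped, not /* ... */.
named_option_value() {
    awk -v opt="$2" '
    {
        sub(/(#|\/\/).*/, "")          # drop comments
        gsub(/[{};]/, " & ")           # make braces and ; separate tokens
        n = split($0, tok, /[ \t]+/)
        for (i = 1; i <= n; i++) {
            t = tok[i]
            if (t == "") continue
            if (t == "{") {
                if (prev == "options" && depth == 0) in_opts = 1
                depth++
            } else if (t == "}") {
                depth--
                if (depth == 0) in_opts = 0
            } else if (in_opts && depth == 1 && prev == opt) {
                value = t
            }
            prev = t
        }
    }
    END { if (value != "") print value }' "$1"
}

# Report each workaround setting; return 0 only if both are set to "no".
audit_workaround() {
    rc=0
    for opt in recursion fetch-glue; do
        val=$(named_option_value "$1" "$opt")
        if [ "$val" = "no" ]; then
            echo "ok:   $opt no"
        else
            echo "FAIL: $opt is ${val:-unset (BIND 8 default: yes)}"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample: recursion is disabled, but the fetch-glue line is
# commented out, so glue fetching is still enabled.
sample=$(mktemp)
cat > "$sample" <<'EOF'
options {
    directory "/var/named";
    recursion no;        // workaround, part 1
    # fetch-glue no;
};
zone "example.com" { type master; file "db.example"; };
EOF

if bind8_version_affected "8.4.5"; then
    audit_workaround "$sample" || echo "workaround incomplete"
fi
rm -f "$sample"
```

Disabling recursion stops the server from resolving names on behalf of clients, so this workaround only suits servers that are meant to be authoritative-only.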


Vendor Information

Debian: Affected

Notified: January 17, 2005 Updated: January 25, 2005

Status

Affected

Vendor Statement

It seems that Debian stable is not vulnerable to either vulnerability and Debian testing/unstable is only vulnerable to CAN-2005-033 (VU#327633). The versions included are too old and the vulnerability does not seem to be present in the older versions indeed.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23327633 Feedback>).

ISC: Affected

Updated: January 25, 2005

Status

Affected

Vendor Statement

Workaround:

Disable recursion and glue fetching.

Fix:

Upgrade to BIND 8.4.6
<http://www.isc.org/sw/bind/>

Apple Computer Inc.: Not Affected

Notified: January 17, 2005 Updated: March 18, 2005

Status

Not Affected

Vendor Statement

Mac OS X 10.2, Mac OS X Server 10.2, and later do not contain this issue as the DNS packages distributed are not susceptible to the vulnerability described in this advisory.

Check Point: Not Affected

Notified: January 17, 2005 Updated: January 24, 2005

Status

Not Affected

Vendor Statement

Check Point products are not vulnerable to these issues.

Hitachi: Not Affected

Notified: January 17, 2005 Updated: January 20, 2005

Status

Not Affected

Vendor Statement

NOT VULNERABLE Hitachi HI-UX/WE2 is NOT Vulnerable to this issue.

IBM: Not Affected

Notified: January 17, 2005 Updated: January 24, 2005

Status

Not Affected

Vendor Statement

The AIX Operating System is not vulnerable to the issues discussed in CERT Vulnerability Notes VU#938617, VU#327633 or any Technical Cyber Security Alerts related to these issues.

Juniper Networks: Not Affected

Notified: January 17, 2005 Updated: January 24, 2005

Status

Not Affected

Vendor Statement

Juniper Networks products are not susceptible to this vulnerability

MandrakeSoft: Not Affected

Notified: January 17, 2005 Updated: January 31, 2005

Status

Not Affected

Vendor Statement

Mandrakesoft has fixed VU#938617 in advisory MDKSA-2005:023. We do not
ship any products with BIND 8 so are not vulnerable to VU#327633.

NEC Corporation: Not Affected

Notified: January 17, 2005 Updated: March 18, 2005

Status

Not Affected

Vendor Statement

* NEC products are NOT susceptible to this vulnerability.

Red Hat Inc.: Not Affected

Notified: January 17, 2005 Updated: January 18, 2005

Status

Not Affected

Vendor Statement

Red Hat Enterprise Linux ships with a BIND package, however we have verified
that the versions included in Red Hat Enterprise Linux are not vulnerable to
these issues.

Sun Microsystems Inc.: Not Affected

Notified: January 17, 2005 Updated: January 24, 2005

Status

Not Affected

Vendor Statement

Sun is not affected by either of these vulnerabilities. No version of
Solaris ships with any of the affected versions of BIND and the Sun Java
Desktop System (Linux) doesn't ship an affected version of BIND either.

Adns: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

BlueCat Networks: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Conectiva: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Cray Inc.: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

EMC Corporation: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Engarde: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

F5 Networks: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

FreeBSD: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Fujitsu: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

GNU glibc: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Hewlett-Packard Company: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

IBM eServer: Unknown

Notified: January 17, 2005 Updated: February 01, 2005

Status

Unknown

Vendor Statement

For information related to this and other published CERT
Advisories that may relate to the IBM eServer Platforms (xSeries,
iSeries, pSeries, and zSeries) please go to
<https://app-06.www.ibm.com/servers/resourcelink/lib03020.nsf/pages/securityalerts?OpenDocument&pathID=>

In order to access this information you will require a Resource Link ID.
To subscribe to Resource Link go to
<http://app-06.www.ibm.com/servers/resourcelink>
and follow the steps for registration.

All questions should be referred to [email protected].

IBM-zSeries: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Immunix: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

InfoBlox: Unknown

Notified: February 04, 2005 Updated: February 04, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Ingrian Networks: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Lucent Technologies: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Men&Mice: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

MetaSolv Software Inc.: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Microsoft Corporation: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

MontaVista Software: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

NetBSD: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Nokia: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Nortel Networks: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Novell: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

OpenBSD: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Openwall GNU/*/Linux: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

SCO-LINUX: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

SCO-UNIX: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

SGI: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Sequent: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Sony Corporation: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

SuSE Inc.: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

TurboLinux: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Unisys: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Wind River Systems Inc.: Unknown

Notified: January 17, 2005 Updated: January 17, 2005

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Acknowledgements

Thanks to Joao Damas of the Internet Systems Consortium for reporting this vulnerability.

This document was written by Chad Dougherty based on information provided by ISC.

Other Information

CVE IDs: CVE-2005-0033
Severity Metric: 1.91 Date Public:
