Note: This is an archival copy of Security Sun Alert 200367 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000259.1.
Article ID : 1000259.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2004-01-29
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

Remote Denial-Of-Service Vulnerability in BIND DNS Daemon (in.named)

Category
Security

Release Phase
Resolved

Product
Solaris 9 Operating System
Solaris 7 Operating System
Solaris 8 Operating System

Bug Id
4928758

Date of Workaround Release
26-NOV-2003

Date of Resolved Release
30-JAN-2004

Impact

A privileged remote user may be able to cause the Domain Name Service Daemon (in.named(1M)) to retain invalid negative responses. This will cause DNS resolver routines (resolver(3RESOLV)) to not find valid host names. This is a type of Denial-of-Service.

This issue corresponds to the security fix addressed in ISC BIND 8.4.2 and 8.3.7 releases and is referenced at http://www.isc.org/index.pl?/sw/bind/bind8.php.

This issue is also described in CERT Vulnerability VU#734644, which can be found at http://www.kb.cert.org/vuls/id/734644.


Contributing Factors

This issue can occur in the following releases:

SPARC Platform

  • Solaris 7 without patch 106938-08
  • Solaris 8 without patch 109326-13
  • Solaris 9 without patch 112970-06

x86 Platform

  • Solaris 7 without patch 106939-08
  • Solaris 8 without patch 109327-13
  • Solaris 9 without patch 114354-05

Note: Solaris 2.6 will not be evaluated regarding the potential impact of the issue described in this Sun Alert.


Symptoms

Should the described issue occur, applications will fail to connect to remote servers.

nslookup(1m) intermittently reports that the host name is "Non-existent". For example: 

    $ nslookup www.sun.com
Server:  dns.Sun.COM
Address:  123.234.56.78
dns.Sun.COM can't find www.sun.com: Non-existent host/domain

Workaround

To work around the described issue, place required host information in another name repository, such as "files" (in "/etc/hosts") and modify nsswitch.conf(4) accordingly. See http://docs.sun.com/ for further information.


Resolution

This issue is addressed in the following releases:

SPARC Platform

  • Solaris 7 with patch 106938-08 or later
  • Solaris 8 with patch 109326-13 or later
  • Solaris 9 with patch 112970-06 or later

x86 Platform

  • Solaris 7 with patch 106939-08 or later
  • Solaris 8 with patch 109327-13 or later
  • Solaris 9 with patch 114354-05 or later


Modification History
Date: 06-JAN-2004
  • Update Contributing Factors and Resolution Sections for Solaris 7 patches

Date: 30-JAN-2004
  • Update Contributing Factors and Resolution for remaining patches, re-release as Resolved

Date: 11-MAR-2005
  • Add CERT reference in "Impact" section


References

106938-08
106939-08
112970-06
114354-05
109326-13
109327-13




Attachments
This solution has no attachment