SOT Linux: “Versions of BIND 9 prior to 9.2.1 have a bug that causes certain
requests to the BIND name server (named) to fail an internal
consistency check, causing the name server to stop responding to
requests. This can be used by a remote attacker to cause a denial of
service (DOS) attack against name servers.”
---------------------------------------------------------------------
                   SOT Linux Security Advisory
Subject:           Updated bind package for SOT Linux 2002
Advisory ID:       SLSA-2002:7
Date:              Thursday, June 6, 2002
Product:           SOT Linux 2002
---------------------------------------------------------------------
1. Problem description
Versions of BIND 9 prior to 9.2.1 have a bug that causes certain
requests to the BIND name server (named) to fail an internal
consistency check, causing the name server to stop responding to
requests. This can be used by a remote attacker to cause a denial of
service (DOS) attack against name servers.
2. Updated packages
SOT Linux 2002 Desktop:
 
i386:
ftp://ftp.sot.com/updates/2002/Desktop/i386/bind-utils-9.2.1-1.i386.rpm
 
SRPMS:
ftp://ftp.sot.com/updates/2002/Desktop/SRPMS/bind-9.2.1-1.src.rpm
 
 
SOT Linux 2002 Server:
 
i386:
ftp://ftp.sot.com/updates/2002/Server/i386/bind-9.2.1-1.i386.rpm
ftp://ftp.sot.com/updates/2002/Server/i386/bind-utils-9.2.1-1.i386.rpm
SRPMS:
ftp://ftp.sot.com/updates/2002/Server/SRPMS/bind-9.2.1-1.src.rpm
3. Upgrading package
Use up2date to automatically upgrade the fixed packages.
 
If you want to upgrade manually, download the updated package from
the SOT Linux FTP site (use the links above) or from one of our mirrors.
The list of mirrors can be obtained at www.sot.com/en/linux
 
Update the package with the following command:
rpm -Uvh filename
4. Verification
All packages are PGP signed by SOT for security.
 
You can verify each package with the following command:
rpm --checksig filename 
 
If you wish to verify the integrity of the downloaded package, run
"md5sum filename" and compare the output with data given below.
 
 
Package Name                              MD5 sum
--------------------------------------------------------------------------
/Desktop/i386/bind-utils-9.2.1-1.i386.rpm 5f3df4a88ed9a2961de6af45c4b0a788      
/Desktop/SRPMS/bind-9.2.1-1.src.rpm       d2e274c8a861c4cd5a9e9b8cb76df44e
/Server/i386/bind-utils-9.2.1-1.i386.rpm  5f3df4a88ed9a2961de6af45c4b0a788
/Server/i386/bind-9.2.1-1.i386.rpm        e74c33d4c0774d92bd629ded5028da04
/Server/SRPMS/bind-9.2.1-1.src.rpm        d2e274c8a861c4cd5a9e9b8cb76df44e
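
The checks in sections 3 and 4, combined so that a package is installed only after its MD5 sum and signature have been checked (an added example, not part of the SOT advisory). The function names are hypothetical; the table is the one printed above, and the script assumes md5sum, awk and rpm are on the PATH.

```shell
#!/bin/sh
# Added example, not SOT's own tooling: verify a downloaded package against
# the advisory's MD5 table and its PGP signature before upgrading.

# MD5 table copied from section 4 of this advisory: path, then MD5 sum.
ADVISORY_SUMS='
/Desktop/i386/bind-utils-9.2.1-1.i386.rpm 5f3df4a88ed9a2961de6af45c4b0a788
/Desktop/SRPMS/bind-9.2.1-1.src.rpm d2e274c8a861c4cd5a9e9b8cb76df44e
/Server/i386/bind-utils-9.2.1-1.i386.rpm 5f3df4a88ed9a2961de6af45c4b0a788
/Server/i386/bind-9.2.1-1.i386.rpm e74c33d4c0774d92bd629ded5028da04
/Server/SRPMS/bind-9.2.1-1.src.rpm d2e274c8a861c4cd5a9e9b8cb76df44e
'

# expected_md5 TABLE_PATH
# Print the advisory's MD5 for that path; exit non-zero if it is not listed.
expected_md5() {
    printf '%s\n' "$ADVISORY_SUMS" |
        awk -v p="$1" '$1 == p { print $2; found = 1 } END { exit !found }'
}

# md5_matches FILE EXPECTED
# Succeed only if FILE exists and its MD5 sum equals EXPECTED.
md5_matches() {
    [ -f "$1" ] || return 2
    actual=$(md5sum "$1" | awk '{ print $1 }')
    [ "$actual" = "$2" ]
}

# verify_and_install TABLE_PATH FILE
# Order matters: checksum (catches a corrupted or swapped download), then
# the package signature, and only then the upgrade from section 3.
verify_and_install() {
    want=$(expected_md5 "$1") || { echo "not in advisory: $1" >&2; return 1; }
    md5_matches "$2" "$want" || { echo "MD5 mismatch: $2" >&2; return 1; }
    rpm --checksig "$2" || { echo "signature check failed: $2" >&2; return 1; }
    rpm -Uvh "$2"
}

# Usage (after sourcing this file):
#   verify_and_install /Server/i386/bind-9.2.1-1.i386.rpm ./bind-9.2.1-1.i386.rpm
```
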
5. References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0400
Copyright(c) 2001, 2002 SOT
        
---------------------------------------------------------------------
You can view other update advisories for SOT Linux 2002 at:
http://www.sot.com/en/linux/sa/
---------------------------------------------------------------------