Subject: BIND DoS and remote compromise issues
To: None <tech-security@netbsd.org>
From: Jeremy C. Reed <reed@reedmedia.net>
List: tech-security
Date: 11/12/2002 10:13:33

According to ISC and ISS, BIND versions 4.9.5 to 4.9.10-REL and BIND 8.1,
8.2 to 8.2.6, 8.3.0 to 8.3.3-REL are remotely exploitable.

Workarounds are to upgrade to BIND 9 or to disable recursion (which is
enabled by default). For example, maybe only allow-recursion for your own
trusted networks. Another possible workaround is to filter TCP port 53.

More details:
 http://www.isc.org/products/BIND/bind-security.html
 http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469
 CAN-2002-1219 BIND SIG Cached RR Overflow Vulnerability
 CAN-2002-1220 BIND OPT DoS
 CAN-2002-1221 BIND SIG Expiry Time DoS

   Jeremy C. Reed
   http://bsd.reedmedia.net/
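
The recursion workaround mentioned in the message, as an added example that is not part of the original post: a named.conf fragment showing the two ways to stop serving recursive queries to arbitrary clients. It assumes a BIND 8 release that supports `allow-recursion`; the ACL name `trusted` and the addresses are constructed placeholders.

```conf
// named.conf fragment (BIND 8 syntax). Added example, not from the
// original message. Merge into your existing configuration.

// Constructed placeholder addresses: replace with the networks whose
// clients are allowed to use this server as a resolver.
acl trusted {
    127.0.0.1;
    192.0.2.0/24;      // placeholder (documentation range), not a real site
};

options {
    // Default behaviour when neither setting below is present:
    // recursion is enabled and offered to any client that asks.

    // Option A: authoritative-only server. Recursion is turned off for
    // everyone; the server still answers for the zones it hosts.
    // recursion no;

    // Option B: keep recursion, but only for clients matching the
    // "trusted" ACL. Queries from other addresses are not recursed.
    allow-recursion { trusted; };
};
```

Choose one option, then reload named and confirm from an address outside the ACL that a query for a name the server is not authoritative for is no longer resolved.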