Results 1 to 5 of 5

Thread: BIND Weaknesses

  1. #1

    BIND Weaknesses

    I dont know alot about *.nix security but i thought this may be informative for some of you. It's an article i've read from SANS.org about the weaknesses in BIND.

    BIND weaknesses: nxt, qinv and in.named allow immediate root compromise.

    The Berkeley Internet Name Domain (BIND) package is the most widely used implementation of Domain Name Service (DNS) -- the critical means by which we all locate systems on the Internet by name (e.g., www.sans.org) without having to know specific IP addresses -- and this makes it a favorite target for attack. Sadly, according to a mid-1999 survey, about 50% of all DNS servers connected to the Internet are running vulnerable versions of BIND. In a typical example of a BIND attack, intruders erased the system logs, and installed tools to gain administrative access. They then compiled and installed IRC utilities and network scanning tools, which they used to scan more than a dozen class-B networks in search of additional systems running vulnerable versions of BIND. In a matter of minutes, they had used the compromised system to attack hundreds of remote systems abroad, resulting in many additional successful compromises. This illustrates the chaos that can result from a single vulnerability in the software for ubiquitous Internet services such as DNS.

    Systems Affected:
    Multiple UNIX and Linux systems

    As of May 22, 2000, any version earlier than BIND v.8.2.2 patch level 5 is vulnerable.

  2. #2
    Junior Member
    Join Date
    Aug 2001
    Posts
    23
    Hey Remote. Interesting.

    Do you think I should change my aviator? Do you think its hard to take someone with an exploding pokemon thing seriously?

    Rna.

  3. #3

    Talking Hey Rna

    well, it is up to you what ever avatar you decide to use. as long as you post a serious response, people will take you seriously.
    by the way, how do i make a custom avatar?
    latr rna,

    Remote_Access_

  4. #4
    Member
    Join Date
    Oct 2001
    Posts
    88
    Neat post, www.sans.org has some good info out there.

    FYI there are three different versions of BIND running around out there 4.x, 8.x and 9.x, each has there own issues. 8.x has probably been the most secure through it all.

    I don't know if your read this but a buffer overflow exploit on BIND 4.x was a bad one, often dumped the attacker to a shell wih root. This has of course been patched, but it was gnarly.

  5. #5

    Exclamation BIND

    Like i said earlier, i dont know alot about *.nix security. but thanks for the information. The SANS institute has issued ALOT of vulnerabilities in BIND and i didnt want to take up bandwidth with all the holes, vulnerabilities, and problems with BIND. But, if you or any one else is looking for such information, go to Sans.org and search for Bind.
    latr,
    Remote_Access_

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •