ISS XForce
has found that the name service deamon
BIND
from ISC has two remote vulnerabilities. Exploit of the holes allow an attacker to run arbitrary commands on the server (not sure at what priviledge level at this time). According to
ISC
and
ISS
this vulnerability can be mitigated by disabling recursion on your name server. BIND4, is the name daemon OpenBSD ships with by default. BIND8 is in ports. BIND9, which is also in ports, does not appear to be vulnerable to this attack according to ISS and ISC.
No know patches are available at this time. According to Todd Miller,
OpenBSD appears vulnerable
, though mitigated by the use of a chroot environment. However, it's probably worth protecting yourself with systrace (a default named policy is shipped) or disabling recursion if possible. A patch will be available for OpenBSD after one is developed by ISC.
(Comments are closed)
Comments
By
Noob ()
on
I just looked at the Current source and it looks like they just made a change in named. I'm guessing that an errata patch and stable update may be coming soon.
I'm very thankful that OpenBSD is the kind of secure operating system where I can have an exploitable process running, and yet feel secure using the tools provided (chroot,systrace,pf). I even went ahead and placed the:
options no-recursion
in my /var/named/named.boot
just to be on the safe side. ;-)
By Noob () on
I'm very thankful that OpenBSD is the kind of secure operating system where I can have an exploitable process running, and yet feel secure using the tools provided (chroot,systrace,pf). I even went ahead and placed the:
options no-recursion
in my /var/named/named.boot
just to be on the safe side. ;-)
Thanks again!