Bugtraq mailing list archives
[BIND-BUGS #18] Non-delegated master domains
From: ian () EMIT PL (Ian Carr-de Avelon)
Date: Mon, 10 May 1999 11:21:17 +0200
Dear Aleph,
I'll leave it to your discresion as to whether this should go
public. For me this is simply a problem relating to adding MX records
with 192.168.xx.xx addresses to internal name servers. Some people may
assume that if they rely on DNS data for their own domains, they are
only relying on the intergrety of their own servers. With BIND 8 this
appears not to be true. If somone can change the delegation of a domain,
or make a new domain like EMIT. or 168.192.IN-ADDR.ARPA., bind 8 will
accept the data pointed to via route servers etc. in place of local
master files.
While searching for some kind of "option to get the old behaviour"
I found a report about this in the BIND-USERS archive of 2 months ago,
but it appears to have been seen as someone who could not configure the
program properly. I have just emailed Patrick Volkerding as I happen to
have taken this bind from his distribution. The question is the old one
of whether bad-people can use this knowledge better than their potential
victims. There is no exploit here to get you control of a route server
in the fist place, but there is no quick fix either. Backing off this
version probably means back to something with greater vulnerabilities.
Replacing names with IPs in every context would be a pain. If nothing
else, producing a fake 168.192.IN-ADDR.ARPA. would be a DOS attack
against thousands of internal services as tcpds would refuse connections.
Yours
Ian
This appears to be due to an email which I sent to Paul Vixie and Cricket Liu about what I took to be an intentional change in behaviour. One or other of them must have decided this is a bug. In which case I should probably add that the bind I have found this with is BIND-8.1.2-REL taken from the Slackware 3.6.0 distribution. The bug is that domains which have valid delegations within the DNS system can not be overriden with local master files. IE. If I make a master file for microsoft.com, www.microsoft.com remains with the IP microsoft give it and not what I give it. Domains which are delegated to me eg EMIT.PL. a or domains which have no delegation anywhere eg. EMIT. work as expected. Yours Ian bind-bugs () isc org wrote>Greetings. (This is an automated response. There is no need to reply.) Your message regarding: Non-delegated master domains has been received and assigned a request number of 18. In order help us track the progress of this request, we ask that you include the string [BIND-BUGS #18] in the subject line of any further mail about this particular request. For example: Subject: [BIND-BUGS #18] Non-delegated master domains You may do this simply by replying to this email.
Current thread:
- Re: Infosec.19990305.macof.a, (continued)
- Re: Infosec.19990305.macof.a Glen Turner (May 06)
- Re: Infosec.19990305.macof.a Alan Cox (May 07)
- Re: Infosec.19990305.macof.a Greg A. Woods (May 08)
- Re: Infosec.19990305.macof.a Alan Cox (May 09)
- OpenLinux 2.2: LISA install leaves root access without password Andrew McRory (May 08)
- Re: [linux-security] OpenLinux 2.2: LISA install leaves root Ralf Flaxa (May 09)
- SunOS 5.7 rmmount, no nosuid. Jonas Stahre (May 10)
- Re: SunOS 5.7 rmmount, no nosuid. C.J. Oster (May 10)
- nidsbench announcement Dug Song (May 13)
- Re: Infosec.19990305.macof.a Alan Cox (May 07)
- Adminisrivia Aleph One (May 10)
- [BIND-BUGS #18] Non-delegated master domains Ian Carr-de Avelon (May 10)
- Re: [BIND-BUGS #18] Non-delegated master domains Andrew Brown (May 11)
- Re: [BIND-BUGS #18] Non-delegated master domains Dan Busarow (May 11)
- Re: Infosec.19990305.macof.a Glen Turner (May 06)
- ICQ Password Revealer Dmitri Alperovitch (May 10)
- Re: Adminisrivia Brian Fisk (May 10)
- Bookmarks security vulnerabilities in both Internet Explorer 5.0 Georgi Guninski (May 09)