Re: Possible DOS in Bind 8.2.2-P5

["Johnson, Jeremiah" <jjohnson () penguincomputing com>]

Just like the log says, it tries to exec gzip:

ns_xfr.c:                       execlp("gzip", "gzip", NULL);
ns_xfr.c:                       ns_error(ns_log_xfer_out, "execlp: %s", strerror(errno));

-miah

On Tue, Nov 14, 2000 at 09:31:19AM +0200, Peter Pentchev wrote:
> On Mon, Nov 13, 2000 at 11:25:50AM -0300, Jonatan Sarba wrote:
> > milg:~# named-xfer -z zone.com.ar -d 9 -f pics -Z dns.zone.com.ar
> >
> > named-xfer[3916]: send ZXFR query 0 to 200.0.1.101
> > named-xfer[3916]: premature EOF, fetching "zone.com.ar"
> >
> > and the logs in dns server was:
> >
> > Nov 13 13:55:36 dns named[19877]: zone transfer (ZXFR) of "zone.com.ar" (IN)
> > to [200.0.1.101].2916
> > Nov 13 13:55:36 dns named[30890]: execlp: No such file or directory
> > Nov 13 13:55:36 dns named[19877]: zxfr gzip pid 30890
> >
> > i've chrooted the named daemon running on redhat-6.0. I think that the user
> > who runs the daemon, doesn't have permissions to execute the 'execlp'
> > function. Is it possible?
>
> Possible, but quite improbable; it's much more likely that the execlp
> system call is complaining that the file bind's trying to exec does
> not exist.  That is, you've missed copying some file and/or library
> to the chroot tree.
>
> Unfortunately, I do not have BIND sources handy right now, so I cannot
> make a guess at which file might be the problem.
>
> G'luck,
> Peter
>
> --
> Nostalgia ain't what it used to be.