richard.scott Veteran

Joined: 19 May 2003 Posts: 1486 Location: Oxfordshire, UK
|
Posted: Wed Feb 14, 2007 11:52 pm Post subject: named: stack smashing attack in function query_find |
|
|
I've recently upgraded to bind-9.3.4 and when I try and emerge with the "idn" flag I get a stack error when running the daemon:
| Code: | | named: stack smashing attack in function query_find |
Once you try and query a zone file that the bind server is a master for it kills the daemon and reports a stack smashing error!
If you re-compile with "-idn" then it's all OK!
EDIT: OK, it's not all OK without the IDN flag... it was late when I restarted my daemon and I didn't notice it crash again!
Has anyone else seen this with a hardened system? |
guerro Guru


Joined: 21 Jun 2004 Posts: 321 Location: Brescia
|
Posted: Fri Feb 16, 2007 7:42 am Post subject: |
|
|
Same problem here... I think that it has the same problem as the previous version (9.3.3, hard-masked 1 day after it became stable)...
I solved it by masking the last version and using the old version (9.3.2). I hope that in the future this bug will be solved. Now I'm still waiting
_________________
(.(*. .*).)
.. G u e r r o ..
(.(.* *.).) |
LostControl l33t


Joined: 02 Mar 2004 Posts: 885 Location: La Glane, Suisse
|
Posted: Sat Feb 17, 2007 6:41 pm Post subject: Re: named: stack smashing attack in function query_find |
|
|
| richard.scott wrote: | | Has anyone else seen this with a hardened system? |
Same here
_________________
http://www.jaqpot.net
http://www.fail2ban.org |
babudro n00b


Joined: 30 Sep 2005 Posts: 35 Location: Canada
|
Posted: Sun Feb 18, 2007 12:02 am Post subject: |
|
|
| Same here. I'm glad to have found this reminder. I ran into this before (probably with 9.3.3) but forgot what I had done to fix it. These forums can sure save a guy a lot of head scratching. |
smoco n00b

Joined: 19 Feb 2007 Posts: 30 Location: Slovakia
|
Posted: Mon Feb 19, 2007 9:32 am Post subject: Named 9.3.4 falls down |
|
|
Hi,
After the bind update to version 9.3.4, I cannot start bind; after start it runs for a few seconds and then falls down with the
"unable to start stack smashing attack in function query_find" message.
Does anyone have the same problem?
ENVIRONMENT
Hardened Gentoo x86, Pentium 4
kernel version 2.6.17-hardened-r1 |
pent0z Tux's lil' helper

Joined: 17 May 2003 Posts: 131
|
Posted: Mon Feb 19, 2007 9:49 am Post subject: |
|
|
I had similar problems with the hardened profile... named starts, but after some seconds goes down
switched back to the previous version
_________________
Intel 975XBX, Core 2 Duo E6600, 4Gb DDR2, 4x 74Gb SATA 10000 RAID-0, Geforce 6600 - /dev/mapper/isw_raid0: Timing buffered disk reads: 812 MB in 3.00 seconds = 270.30 MB/sec |
smoco n00b

Joined: 19 Feb 2007 Posts: 30 Location: Slovakia
|
Posted: Mon Feb 19, 2007 4:50 pm Post subject: Other versions too |
|
|
| I've tried 9.2.8 and got the same thing, so I removed all of /var/bind, started bind, and got the same; it looks like only 9.3.2 is working correctly. |
richard.scott Veteran

Joined: 19 May 2003 Posts: 1486 Location: Oxfordshire, UK
|
Posted: Mon Feb 19, 2007 8:31 pm Post subject: |
|
|
| pent0z wrote: | I had similar problems with the hardened profile... named starts, but after some seconds goes down
switched back to the previous version |
What are your CFLAGS set to?
I have mine set as follows:
| Code: | | CFLAGS="-mtune=i686 -Os -pipe -fomit-frame-pointer" |
I hear that if you try -O instead of -Os or -O2 it may be OK... I read that on a bug report somewhere but have not tested it yet, as it would mean a total rebuild of my server
EDIT: OK, after a total rebuild with -O and not -Os it's still the same
Last edited by richard.scott on Mon Feb 26, 2007 4:56 pm; edited 1 time in total |
chashab n00b


Joined: 16 Jun 2004 Posts: 71 Location: Republic of Alumbia
|
Posted: Tue Feb 20, 2007 4:03 am Post subject: |
|
|
Has anyone solved this issue yet?
I'm going to downgrade for now. If someone else is considering downgrading, note [ GLSA 200702-06 ] BIND: Denial of Service.
Update: Should have read the previous posts more closely:
| smoco wrote: | | I've tried 9.2.8 and got the same thing, so I removed all of /var/bind, started bind, and got the same; it looks like only 9.3.2 is working correctly. |
The problem is 9.3.2 suffers from the aforementioned GLSA 200702-06. In other words, there is no viable bind version for a hardened system at this point.
Update: What I did is use gcc-config to switch to a non-hardened gcc. Recompiled the most recent bind and switched gcc back afterwards. So no hardened bind, but better than running a vulnerable version. |
s_wilk n00b


Joined: 22 Aug 2006 Posts: 27 Location: Lublin,PL
|
Posted: Wed Feb 21, 2007 8:52 am Post subject: |
|
|
Hi,
You don't need to downgrade it.
Just switch gcc to hardenednossp version and recompile bind.
It works then.
--
Regards,
Szymon Wilkolazki |
richard.scott Veteran

Joined: 19 May 2003 Posts: 1486 Location: Oxfordshire, UK
|
Posted: Mon Feb 26, 2007 4:55 pm Post subject: |
|
|
| s_wilk wrote: | Hi,
You don't need to downgrade it.
Just switch gcc to hardenednossp version and recompile bind.
It works then.
--
Regards,
Szymon Wilkolazki |
Does this make the service less secure? |
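
Added example, not part of any post in this thread: a shell check for which protections a rebuilt named binary actually carries after switching GCC profiles as described above. It looks for the SSP handler symbol (`__stack_smash_handler` for the GCC 3.x ProPolice patch that prints the "stack smashing attack" message, `__stack_chk_fail` for GCC 4.1 and later) and reads the ELF type to see whether the binary is still position-independent; the function names and the `/usr/sbin/named` path in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example: report SSP and PIE status of an ELF binary.
# The SSP test is a byte search for the handler's symbol name, so it is a
# heuristic: it shows the name is present, not that every function is guarded.

ssp_status() {
    # ProPolice (GCC 3.x) calls __stack_smash_handler on a corrupted guard;
    # GCC 4.1+ calls __stack_chk_fail instead.
    if grep -qaF '__stack_smash_handler' "$1"; then
        echo "ssp-propolice"
    elif grep -qaF '__stack_chk_fail' "$1"; then
        echo "ssp-gcc4"
    else
        echo "no-ssp"
    fi
}

pie_status() {
    # First four bytes must be the ELF magic 0x7f 'E' 'L' 'F'.
    if [ "$(od -An -tx1 -N4 "$1" | tr -d ' \n')" != "7f454c46" ]; then
        echo "not-elf"
        return 1
    fi
    # e_type sits at offset 16; its low byte is read here (little-endian,
    # e.g. x86, assumed). 3 = ET_DYN (PIE or shared object), 2 = ET_EXEC.
    case "$(od -An -tu1 -j16 -N1 "$1" | tr -d ' \n')" in
        3) echo "pie" ;;
        2) echo "no-pie" ;;
        *) echo "other" ;;
    esac
}

hardening_report() {
    echo "$(ssp_status "$1") $(pie_status "$1")"
}

# Usage (path is an assumption): sh check.sh /usr/sbin/named
if [ $# -gt 0 ]; then
    hardening_report "$1"
fi
```

A result of `no-ssp pie` means stack-smashing protection was dropped from the build while position-independent code was kept; `no-ssp no-pie` means neither is present.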