[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] Re: bind hack

Subject: [cobalt-users] Re: bind hack
From: dfd <dfd@xxxxxxxxxxx>
Date: Tue Feb 29 12:38:48 2000

>Versions earlier to 8.2 are not vulnerable to the remote root exploit.
>You can get more detail no the issues surrounding the BIND security
>advisory from CERT.
>
>http://www.cert.org/advisories/CA-99-14-bind.html
>
>Jeff
>

That's true.  The same information is in a different form at the following
URL that was in my previous post:
http://www.isc.org/products/BIND/bind-security-19991108.html

However, just because BIND 8.2 up to Patchlevel 1 has the root exploit
issue, all of the other versions including the versions that the RAQ1 and 2
run are vulnerable to the denial of service type attacks that are listed
both in the CERT advisory and the ISC URL above.  

While this is slightly unrelated to the original post about the root
exploit, I would hope this would be reason enough to release an update.
Just because some malicious user can't get root doesn't mean they can't
cause all sorts of other problems.

- Dave

Follow-Ups:
- [cobalt-users] Help: Cannont get Perl script to run
  - From: Jeff S. Lucido

Prev by Date: [cobalt-users] analog
Next by Date: Re: [cobalt-users] Miva on RaQ3 - problem!
Previous by thread: Re: [cobalt-users] analog
Next by thread: [cobalt-users] Help: Cannont get Perl script to run

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index