[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] BIND vulnerability

Subject: Re: [cobalt-users] BIND vulnerability
From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
Date: Tue Jan 30 13:54:09 2001
Organization: nobaloney.net
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

Dom Latter wrote:

> If on the other hand the aim is to *compromise* a m/c,
> by which I mean gain root access, then this would be CPU
> specific - your "injected" code is going to have to be
> compiled for that CPU.
> 
> So any tools being written to take advantage of this
> vulnerability are more likey to be aimed at Intel
> machines.

Unfortunately not true, Dom.

The vulnerability that gives root access is already in bind.

Once the machine is compromised, there are plenty of perl scripts which
the cracker (actually the root kit used by the script-kiddies) will use
to do what s/he wants.

Jeff
-- 
Jeff Lasman <jblists@xxxxxxxxxxxxx>
nobaloney.net
P. O. Box 52672
Riverside, CA  92517
voice: (909) 787-8589  *  fax: (909) 782-0205

Follow-Ups:
- RE: [cobalt-users] BIND vulnerability
  - From: Dom Latter

References:
- RE: [cobalt-users] BIND vulnerability
  - From: Dom Latter

Prev by Date: Re: [cobalt-users] ftp home directory
Next by Date: Re: [cobalt-users] User Limit? Whats the max?
Previous by thread: RE: [cobalt-users] BIND vulnerability
Next by thread: RE: [cobalt-users] BIND vulnerability

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index