
Re: [cobalt-users] BIND vulnerability



> 
> Sorry to take you to task over this, Jeff, but Dom is exactly right. The
> *vulnerability* is there, sure, but all it gives you is the opportunity
> to run arbitrary code on the machine (where code in this case means CPU
> specific code) which may then give you remote access. What you do with
> that remote access (run a shell bound to a port, shut down the machine,
> remove the zone files, whatever) is entirely dependent on the *exploit*
> code rather than the vulnerability itself.
> It's like the difference between leaving your back door open and finding
> your neighbour's noticed it, compared to leaving your back door open and
> finding someone's been in and pinched your microwave.
> 
> In my experience (sadly rather more than I would like...) the actual
> code to give you root access is not only CPU specific but also OS
> specific - shellcode for a BSD system won't work on Linux, Solaris et
> al. The Linux shellcode won't work on the others (usually).
> 
> In the case of this BIND vulnerability, at the moment it's just that - a
> vulnerability, a hole. There is no reported (yet!) exploit in-the-wild
> which will actually result in a compromise of a machine, because the
> discoverers of the vulnerability chose not to release them. By releasing
> the details however it's only a matter of time before someone comes
> along with an exploit.
> 
> As soon as an update is available with which you're comfortable, install
> it.

So does anyone know when Cobalt will have an update for BIND?

Thanks
  Mike

> 
> Graeme
> 