[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] BIND vulnerability

Subject: Re: [cobalt-users] BIND vulnerability
From: "Zeffie" <cobaltlist@xxxxxxxx>
Date: Thu Feb 1 11:59:27 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> Graeme Fowler wrote:
>
> > Sorry to take you to task over this, Jeff, but Dom is exactly right. The
> > *vulnerability* is there, sure, but all it gives you is the opportunity
> > to run arbitrary code on the machine (where code in this case means CPU
> > specific code) which may then give you remote access. What you do with
> > that remote access (run a shell bound to a port, shutdown the machine,
> > remove the zone files, whatever) is entirely dependent on the *exploit*
> > code rather than the vulnerability itself.
>
> I'll take my lashes, okay, but under mild protest <smile>, since I still
> think you can run interpreted code on a RaQ to make use of an exploit.
>
> Neverthless, maybe I'll go out and buy a few dozen old RaQ2s to use for
> dns all over the world with old copies of bind <smile>.
> Jeff Lasman

Jeff....  I dumped the cobalt dns system.....   Ahhh breathing room....  As
a perk the GUI still works too :)  In fact let me know if you do buy some I
would like a place to prework my installation or re-installation of
bind.....

Zeffie

Follow-Ups:
- Re: [cobalt-users] BIND vulnerability
  - From: Jeff Lasman

References:
- RE: [cobalt-users] BIND vulnerability
  - From: Graeme Fowler
- Re: [cobalt-users] BIND vulnerability
  - From: Jeff Lasman

Prev by Date: [cobalt-users] Cobalt have you fixed this vulnerability
Next by Date: Re: [cobalt-users] Webalizer with frontpage.-(
Previous by thread: Re: [cobalt-users] BIND vulnerability
Next by thread: Re: [cobalt-users] BIND vulnerability

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index