[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] [ Security ] - bind DoS vulnerability

Subject: [cobalt-security] [ Security ] - bind DoS vulnerability
From: Jeff Lovell <jlovell@xxxxxxxxxx>
Date: Mon, 13 Nov 2000 20:07:10 -0800
Organization: Cobalt Networks, Inc.
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Overview:
---------

Recently a discovery of a vulnerability in the version of 
bind ( 8.2.x ) that is shipped on Cobalt RaQ2, RaQ3, and RaQ4, 
allows remote users to perform a DoS ( Denial of Service )
attack leaving the name services on the RaQs unavailable.

In order to help eliminate the immediate threat of these
attacks, Cobalt has made available a set of RPMs that can
be installed to eliminate the vulnerability.

These RPMs have not gone through extensive testing by
our Quality Assurance department, and it is recommended
that you do not install these if you are not familiar with
installing and un-install RPMs.

Details about the bug can be found at:

http://www.cert.org/advisories/CA-2000-20.html


Location:
---------

RaQ3 and RaQ4:
ftp://ftp.cobaltnet.com/pub/experimental/RPMS/i386/bind-8.2.2_P7-C1.i386.rpm
ftp://ftp.cobaltnet.com/pub/experimental/RPMS/i386/bind-devel-8.2.2_P7-C1.i386.rpm
ftp://ftp.cobaltnet.com/pub/experimental/RPMS/i386/bind-utils-8.2.2_P7-C1.i386.rpm

RaQ2:
ftp://ftp.cobaltnet.com/pub/experimental/RPMS/mips/bind-8.2.2_P7-C1.mips.rpm
ftp://ftp.cobaltnet.com/pub/experimental/RPMS/mips/bind-devel-8.2.2_P7-C1.mips.rpm
ftp://ftp.cobaltnet.com/pub/experimental/RPMS/mips/bind-utils-8.2.2_P7-C1.mips.rpm

Source:
ftp://ftp.cobaltnet.com/pub/experimental/SRPMS/bind-8.2.2_P7-C1.src.rpm


md5sum:
-------

RaQ3/RaQ4:
3f057959ab128f5c040d3cdc9252df18  bind-8.2.2_P7-C1.i386.rpm
947e57b001736d55bded515b1179a34e  bind-devel-8.2.2_P7-C1.i386.rpm
ec02af0326da4c481c9302b4153e04a6  bind-utils-8.2.2_P7-C1.i386.rpm

RaQ2:
88e2fadca3c14516df9a976904e77c0a  bind-8.2.2_P7-C1.mips.rpm
b31e935b725d3230fc0eaa4ccd53c829  bind-devel-8.2.2_P7-C1.mips.rpm
315c4472ceba0d89a437e9e5a94bafdc  bind-utils-8.2.2_P7-C1.mips.rpm

Source:
bffa34c4ce87cb8c629879cbb3a8b852  bind-8.2.2_P7-C1.src.rpm


Notes:
------

The RPMS and SRPMS for 8.2.2_P5 are available if you would
like to reinstall the RPMS if you encounter problems.  You
can get them from:

ftp://ftp.cobaltnet.com/pub/users/jlovell/rpms/

Please direct and bugs or comments about this patch to me
jlovell@xxxxxxxxxxx



Jeff

-- 
Jeff Lovell
Cobalt Networks, Inc.

Follow-Ups:
- Re: [cobalt-security] [ Security ] - bind DoS vulnerability
  - From: Mike Dowdell
- Re: [cobalt-security] [ Security ] - bind DoS vulnerability
  - From: Thomas Novin
- RE: [cobalt-security] [ Security ] - bind DoS vulnerability
  - From: Jose Luis Aguilar

Prev by Date: [cobalt-security] Re: Still Unable to turn off NFS
Next by Date: Re: [cobalt-security] [ Security ] - bind DoS vulnerability
Previous by thread: Re: [cobalt-security] Re: Still Unable to turn off NFS
Next by thread: Re: [cobalt-security] [ Security ] - bind DoS vulnerability

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index