[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-security] BIND EXPLOIT OUT.

Subject: RE: [cobalt-security] BIND EXPLOIT OUT.
From: Mat Schaffer <mschaffer@xxxxxxxxxxxxxxxxxxx>
Date: Tue, 6 Feb 2001 13:38:42 -0500
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

> At 03:25 AM 2/6/2001 +0000, you wrote:
> >Sorry about the caps, but if you haven't already installed
> some patches,
> >install them now.
> >A bind exploit has been posted to bugtraq, this time
> working.  3.30am GMT.
> >Doesn't require any special access or skills to run, gives you remote
> >root.

> How does it work?
> Even if you I don't use DNS services on my RaQ3i, am I still
> vulnerable...?

So long as DNS is OFF (read: the port isn't open) you're good.  But it's
a good idea to fix it anyway, just on principle.  As for how it works.
Look at bugtraq.
-Mat

References:
- Re: [cobalt-security] BIND EXPLOIT OUT.
  - From: Theodore Jones

Prev by Date: Re: [cobalt-security] BIND EXPLOIT OUT.
Next by Date: RE: [cobalt-security] Posting habits.
Previous by thread: Re: [cobalt-security] BIND EXPLOIT OUT.
Next by thread: Re: [cobalt-security] BIND EXPLOIT OUT.

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index