[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-security] BIND EXPLOIT OUT.
- Subject: RE: [cobalt-security] BIND EXPLOIT OUT.
- From: Mat Schaffer <mschaffer@xxxxxxxxxxxxxxxxxxx>
- Date: Tue, 6 Feb 2001 13:38:42 -0500
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
> At 03:25 AM 2/6/2001 +0000, you wrote:
> >Sorry about the caps, but if you haven't already installed
> some patches,
> >install them now.
> >A bind exploit has been posted to bugtraq, this time
> working. 3.30am GMT.
> >Doesn't require any special access or skills to run, gives you remote
> >root.
> How does it work?
> Even if you I don't use DNS services on my RaQ3i, am I still
> vulnerable...?
So long as DNS is OFF (read: the port isn't open) you're good. But it's
a good idea to fix it anyway, just on principle. As for how it works.
Look at bugtraq.
-Mat