[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Re: Bind exploit on Cobalt feedback
- Subject: Re: [cobalt-security] Re: Bind exploit on Cobalt feedback
- From: Gossi The Dog <gossi@xxxxxxxxxxxxxx>
- Date: Thu, 8 Feb 2001 20:47:40 +0000 (GMT)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Thu, 8 Feb 2001, Mark wrote:
> > I've had chance to test the published exploit on my RaQ3. It didn't work.
> > It appears the way Bind was compiled by Cobalt / Redhat inhibits
> > succesfully exploition. Obviously, you still need to apply patches
> > however, as there may be a workaround for this.
> > Rgds,
> > Gossi.
>
> Can you post this exploit or a link to a copy online ? I have patched
> both our Raq3 boxs but would like to make sure and the only way to be
> sure is to throw the exploit at it.
http://owned.lab6.com/~gossi/RaQ-security/exploits/bind8x.c
HTH,
Gossi.