[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] security problem with bind version less than 8.2.3x on RAQ 1
- Subject: [cobalt-security] security problem with bind version less than 8.2.3x on RAQ 1
- From: Manfred Bayer <mb@xxxxxxxxxxxxxx>
- Date: Wed, 14 Feb 2001 07:59:03 +0100
- Organization: Standard Software
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hallo !
Our ISP (dialtoneinternet.net) has informed has that there
is a security problem with bind version less than 8.2.3x,
we have found a patch from cobalt for the RAQ 3 and RAQ 4
but the is no patch for RAQ 1 what should we do ?
Our System reports as follows:
[root@server admin]# rpm -qa |grep -i bind
bind-utils-8.2.2_P5-C2
bind-8.2.2_P5-C2
[root@server admin]
Please find attach the message from our ISP
Manfred
> Wednesday, February 13th, 2001
> Dialtone Internet
> Fort Lauderdale, Florida
> http://www.dialtoneinternet.com/
> VERY IMPORTANT: BIND Reminder #3...
> ~~~~~~~~~~~~~~~~~
>
> Dear Customer,
>
> I would like to remind you of the seriousness regarding the recent
BIND
> exploit released to the world.
>
> If you have a version of BIND less than 8.2.3x your server IS
vulnerable;
> Remember, it's not a matter of IF your server will be attacked, but
WHEN.
>
> Given the widespread deployment of the exploit code, it's only a
matter of
> time before the "bad guys" compile a program that will make hacking
your
> server as easy as "add the remote IP address and click RUN."
>
> The repercussions when your server has been hacked is loss of your
> DNS, connectivity, money, data, and possibly loss of your
> business if you do not have backups!
>
> 1. If hacked, your server MUST be rebuilt to fully secure it.
> 2. You will be charged for our time spent rebuilding your server.
> 3. The hacker can easily wipe your disk after gaining root, many do in
> attempts to "cover" their tracks.
> 4. If your server is hacked, and then used in attacks on our network,
your
> contract MAY be canceled according to our AUP.
>
> Please update your BIND packages immediately! You will find the
packages
> here...
>
> REGULAR Linux
> http://status.dialtoneinternet.net/status/81.html
>
> Cobalt RaQ3
> http://www.cobalt.com/support/download/raq3.eng.html
>
> Cobalt RaQ4
> http://www.cobalt.com/support/download/raq4.eng.html
--
Mit freundlichen Grüßen
Manfred Bayer, Geschäftsführer
Standard Software VertriebsgesmbH
www.gotoweb.at www.bueroware.at
Tel: +43 1 294 0200-0 Fax: DW 33
Mit GOTOWEB schnell ins E-Business