[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] new bind exploit?

Subject: [cobalt-security] new bind exploit?
From: "marcus miller" <cobalt_security_list@xxxxxxxxxxx>
Date: Tue, 18 Jun 2002 09:24:01 +0000
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi all,

I have searched the list(s) security and user and not found a mention ofthis, so here goes....

There is a newish exploit for the current package version of bind,(8.2.3-C1) - details as follows:


Name: "tsig bug"

Versions affected: 8.2, 8.2-P1, 8.2.1, 8.2.2-P1, 8.2.2-P2, 8.2.2-P3,8.2.2-P4, 8.2.2-P5, 8.2.2-P6, 8.2.2-P7, and all 8.2.3-betas

Severity:     CRITICAL
Exploitable:     Remotely
Type:     Access possible.

Description:

It is possible to overflow a buffer handling TSIG signed queries, therebyobtaining access to the system.


Workarounds:
None.

Active Exploits:
Exploits for this bug exist.

http://www.isc.org/products/BIND/bind-security.html

---------------------------------------------------------------------

Im newish to this so I am kinda looking for someone to put my mind at restabout this or to suggest a possible course of action.


Thanks in advance

Marcus Miller

_________________________________________________________________

MSN Photos is the easiest way to share and print your photos:http://photos.msn.com/support/worldwide.aspx

Follow-Ups:
- Re: [cobalt-security] new bind exploit?
  - From: Chris Burton
- Re: [cobalt-security] new bind exploit?
  - From: craig
- Re: [cobalt-security] new bind exploit?
  - From: Gerald Waugh

Prev by Date: Re: [cobalt-security] Security Apache 1.x
Next by Date: Re: [cobalt-security] new bind exploit?
Previous by thread: Re:[cobalt-security] Security Apache 1.x
Next by thread: Re: [cobalt-security] new bind exploit?

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index