[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] new bind exploit?
- Subject: [cobalt-security] new bind exploit?
- From: "marcus miller" <cobalt_security_list@xxxxxxxxxxx>
- Date: Tue, 18 Jun 2002 09:24:01 +0000
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi all,
I have searched the list(s) security and user and not found a mention of
this, so here goes....
There is a newish exploit for the current package version of bind,
(8.2.3-C1) - details as follows:
Name: "tsig bug"
Versions affected: 8.2, 8.2-P1, 8.2.1, 8.2.2-P1, 8.2.2-P2, 8.2.2-P3,
8.2.2-P4, 8.2.2-P5, 8.2.2-P6, 8.2.2-P7, and all 8.2.3-betas
Severity: CRITICAL
Exploitable: Remotely
Type: Access possible.
Description:
It is possible to overflow a buffer handling TSIG signed queries, thereby
obtaining access to the system.
Workarounds:
None.
Active Exploits:
Exploits for this bug exist.
http://www.isc.org/products/BIND/bind-security.html
---------------------------------------------------------------------
Im newish to this so I am kinda looking for someone to put my mind at rest
about this or to suggest a possible course of action.
Thanks in advance
Marcus Miller
_________________________________________________________________
MSN Photos is the easiest way to share and print your photos:
http://photos.msn.com/support/worldwide.aspx