[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] new bind exploit?
- Subject: Re: [cobalt-security] new bind exploit?
- From: Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 18 Jun 2002 07:03:05 -0400
- Organization: Front Street Networks LLC
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Tuesday 18 June 2002 05:24 am, marcus miller wrote:
> Hi all,
>
> I have searched the list(s) security and user and not found a mention of
> this, so here goes....
>
> There is a newish exploit for the current package version of bind,
> (8.2.3-C1) - details as follows:
>
I don't think it affects the version on the RaQs, however I installed 8.3.1
to be safe, using the following, works on RaQ3 / RaQ4.
======== Install of Bind 8.3.1 ==============
ssh into server
su -
mkdir bind-8.3.1
cd bind-8.3.1
wget ftp://ftp.isc.org/isc/bind/src/8.3.1/bind-src.tar.gz
tar -zxvf bind-src.tar.gz
cd src
make stdlinks
make clean
make depend
make all
ndc stop
make install
ndc start
=====================================
The RaQ2 has a problem with libbind.a, I'll post when I have if resolved.
Gerald
--
http://frontstreetnetworks.com SOHO Networks & Web Site Hosting
Front Street Networks LLC voice +1 203 785 0699 * fax +1 203 785 1787
229 Front Street, Ste. #C, New Haven CT 06513-3203