[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] new bind exploit?

Subject: Re: [cobalt-security] new bind exploit?
From: Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Tue, 18 Jun 2002 07:03:05 -0400
Organization: Front Street Networks LLC
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Tuesday 18 June 2002 05:24 am, marcus miller wrote:
> Hi all,
>
> I have searched the list(s) security and user and not found a mention of
> this, so here goes....
>
> There is a newish exploit for the current package version of bind,
> (8.2.3-C1) - details as follows:
>
I don't think it affects the version on the RaQs, however I installed 8.3.1 
to be safe, using the following, works on RaQ3 / RaQ4. 

======== Install of Bind 8.3.1 ==============
ssh into server
su -
mkdir bind-8.3.1
cd bind-8.3.1
wget ftp://ftp.isc.org/isc/bind/src/8.3.1/bind-src.tar.gz
tar -zxvf bind-src.tar.gz
cd  src
make stdlinks
make clean
make depend
make all
ndc stop
make install
ndc start
=====================================
The RaQ2 has a problem with libbind.a, I'll post when I have if resolved.

Gerald
-- 
http://frontstreetnetworks.com  SOHO Networks & Web Site Hosting
Front Street Networks LLC     voice +1 203 785 0699 * fax +1 203 785 1787
229 Front Street, Ste. #C, New Haven CT 06513-3203

Follow-Ups:
- Re: [cobalt-security] new bind exploit?
  - From: Gerald Waugh

References:
- [cobalt-security] new bind exploit?
  - From: marcus miller

Prev by Date: RE: [cobalt-security] RE: new bind exploit?
Next by Date: Re: [cobalt-security] new bind exploit?
Previous by thread: Re: [cobalt-security] new bind exploit?
Next by thread: Re: [cobalt-security] new bind exploit?

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index