[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] new bind exploit?
- Subject: Re: [cobalt-security] new bind exploit?
- From: Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 18 Jun 2002 08:59:47 -0400
- Organization: Front Street Networks LLC
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Tuesday 18 June 2002 07:03 am, Gerald Waugh wrote:
> On Tuesday 18 June 2002 05:24 am, marcus miller wrote:
> > Hi all,
> >
> > I have searched the list(s) security and user and not found a mention of
> > this, so here goes....
> >
> > There is a newish exploit for the current package version of bind,
> > (8.2.3-C1) - details as follows:
>
> I don't think it affects the version on the RaQs, however I installed 8.3.1
> to be safe, using the following, works on RaQ3 / RaQ4.
>
> ======== Install of Bind 8.3.1 ==============
> ssh into server
> su -
> mkdir bind-8.3.1
> cd bind-8.3.1
> wget ftp://ftp.isc.org/isc/bind/src/8.3.1/bind-src.tar.gz
> tar -zxvf bind-src.tar.gz
> cd src
> make stdlinks ### skip this step on a RaQ2
> make clean
> make depend
> make all
> ndc stop
> make install
> ndc start
> =====================================
> The RaQ2 has a problem with libbind.a, I'll post when I have if resolved.
Skip the step
make stdlinks ### skip this step on a RaQ
then it works fine...
it's now running on fsn1.frontstreetnetworks.net a RaQ2
Gerald
--
http://frontstreetnetworks.com SOHO Networks & Web Site Hosting
Front Street Networks LLC voice +1 203 785 0699 * fax +1 203 785 1787
229 Front Street, Ste. #C, New Haven CT 06513-3203