[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] New bind problem - libbind buffer overflow

Subject: Re: [cobalt-security] New bind problem - libbind buffer overflow
From: Jay Summers <jay@xxxxxxxxxxxxxxxxxxxxx>
Date: Wed, 10 Jul 2002 09:38:14 -0500
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

> I have just been doing our weekly security review and came across this on the
> bind site.
> 
> http://www.isc.org/products/BIND/bind-security.html
> 
> New problem with all versions prior to 8.3.3 ( last cobalt patch took us up to
> 8.2.3 ) Currently there are not known to be any exploits available but......
> its only a matter of time i suppose!

I've already upgraded my Bind to 8.3.3 from source. It went well with no ill
side effects. Gerald Waugh posted some instructions on the Cobalt-Users
list.

> Is anyone else aware of this? + Is there any one else more linux / security
> wise that can advise about the potential seriousness of this problem.

You should follow this thread from last week. It's definitely more than just
Bind.

http://list.cobalt.com/pipermail/cobalt-security/2002-July/005689.html

HTH,
j
-- 
http://www.bizmanuals.com

References:
- [cobalt-security] New bind problem - libbind buffer overflow
  - From: marcus miller

Prev by Date: [cobalt-security] suspicious chkroot report
Next by Date: Re: [cobalt-security] New bind problem - libbind buffer overflow
Previous by thread: [cobalt-security] New bind problem - libbind buffer overflow
Next by thread: Re: [cobalt-security] New bind problem - libbind buffer overflow

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index