Date: Thu, 6 Aug 1998 09:48:13 +0100 From: "Greg Quinlan" <gquinlan@qmpgmc.ac.uk> To: <freebsd-questions@FreeBSD.ORG> Cc: <ronno@blaze.net.au> Subject: MSCAN - named - Vulnerability Message-ID: <01bdc116$f20fb980$380051c2@greg.qmpgmc.ac.uk>
next in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. ------=_NextPart_000_0029_01BDC11F.53D42180 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable It was reported to me by one of our technical people that "MSCAN" = (supposedly - a well known vulnerability scanner of UNIX systems) that = FreeBSD 2.2.5 is vulnerable in the following way: <Our-IP-address>: VULN: freebsd running named. try named overflow^@! This is a reference for futher reading: http://www.ja.net/CERT/CERT-CC/cert_advisories/CA-98.05.bind_problems Is FreeBSD 2.2.5 vulnerable to the named/bind overflow hack! Greg ------=_NextPart_000_0029_01BDC11F.53D42180 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD W3 HTML//EN"> <HTML> <HEAD> <META content=3Dtext/html;charset=3Diso-8859-1 = http-equiv=3DContent-Type> <META content=3D'"MSHTML 4.71.1712.3"' name=3DGENERATOR> </HEAD> <BODY bgColor=3D#ffffff> <DIV><FONT color=3D#000000 size=3D2>It was reported to me by one of our = technical=20 people that "MSCAN" (supposedly - a well known vulnerability = scanner=20 of UNIX systems) that FreeBSD 2.2.5 is vulnerable in the following=20 way:</FONT></DIV> <DIV><FONT color=3D#000000 size=3D2></FONT> </DIV> <DIV><FONT color=3D#000000 size=3D2><Our-IP-address>: VULN: = freebsd running=20 named. try named overflow^@!</FONT></DIV> <DIV><FONT color=3D#000000 size=3D2></FONT> </DIV> <DIV><FONT color=3D#000000 size=3D2>This is a reference for futher=20 reading:<BR></FONT> </DIV> <DIV><FONT color=3D#000000 size=3D2><A=20 href=3D"http://www.ja.net/CERT/CERT-CC/cert_advisories/CA-98.05.bind_prob= lems">http://www.ja.net/CERT/CERT-CC/cert_advisories/CA-98.05.bind_proble= ms</A></FONT></DIV> <DIV><FONT color=3D#000000 size=3D2><A=20 href=3D"http://www.ja.net/CERT/CERT-CC/cert_advisories/CA-98.05.bind_prob= lems"></A></FONT> </DIV> <DIV><FONT color=3D#000000 size=3D2>Is FreeBSD 2.2.5 vulnerable to the = named/bind=20 overflow hack!</FONT></DIV> <DIV><FONT color=3D#000000 size=3D2></FONT> </DIV> <DIV><FONT color=3D#000000 size=3D2>Greg</FONT></DIV></BODY></HTML> ------=_NextPart_000_0029_01BDC11F.53D42180-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01bdc116$f20fb980$380051c2>