Date: Thu, 6 Aug 1998 10:41:40 +0100 From: "Greg Quinlan" <gquinlan@qmpgmc.ac.uk> To: "Greg Quinlan" <gquinlan@qmpgmc.ac.uk>, <freebsd-questions@FreeBSD.ORG> Cc: <ronno@blaze.net.au> Subject: Re: MSCAN - named - Vulnerability Message-ID: <01bdc11e$69e77cc0$380051c2@greg.qmpgmc.ac.uk>
next in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. ------=_NextPart_000_000F_01BDC126.CBABE4C0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sorry I seem to be answering my own questions. I found this extract from = the reference I just sent. Sorry I'll be quiet now... :) "<!--StartFragment--> FreeBSD, Inc.- ------------- We ship with INVQ not defined. This makes = us=20 resistent against the first vulnerability. This is true for all release = after=20 2.2.0 (2.1.* releases are vulnerable but should be upgraded anyway). = As we do=20 not yet ship BIND 8, we are also not vulnerable to the 3rd = vulnerability. We=20 advise everyone to upgrade to BIND 4.9.7."=20 from www.cert.org 06/08/98 -----Original Message----- From: Greg Quinlan <gquinlan@qmpgmc.ac.uk> To: Greg Quinlan <gquinlan@qmpgmc.ac.uk>; = freebsd-questions@freebsd.org <freebsd-questions@freebsd.org> Cc: ronno@blaze.net.au <ronno@blaze.net.au> Date: 06 August 1998 10:24 Subject: Re: MSCAN - named - Vulnerability =20 =20 This reference may also be useful: =20 ftp://ftp.cert.org/pub/cert_advisories/CA-98.05.bind_problems =20 Basically what version of BIND is FreeBSD using? ------=_NextPart_000_000F_01BDC126.CBABE4C0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD W3 HTML//EN"> <HTML> <HEAD> <META content=3Dtext/html;charset=3Diso-8859-1 = http-equiv=3DContent-Type><!DOCTYPE HTML PUBLIC "-//W3C//DTD W3 = HTML//EN"><!DOCTYPE HTML PUBLIC "-//W3C//DTD W3 HTML//EN"> <META content=3D'"MSHTML 4.71.1712.3"' name=3DGENERATOR> </HEAD> <BODY bgColor=3D#ffffff> <DIV><FONT color=3D#000000 size=3D2>Sorry I seem to be answering my own = questions. I=20 found this extract from the reference</FONT></DIV> <DIV><FONT color=3D#000000 size=3D2></FONT><FONT size=3D2>I just sent. = Sorry I'll be=20 quiet now... :)</FONT></DIV> <DIV><FONT size=3D2></FONT> </DIV> <DIV><FONT size=3D2>"<!--StartFragment--><BR>FreeBSD, Inc.-=20 ------------- We ship with INVQ not defined. This makes us = <BR>resistent=20 against the first vulnerability. This is true for all release = after=20 <BR>2.2.0 (2.1.* releases are vulnerable but should be upgraded=20 anyway). As we do <BR>not yet ship BIND 8, we are also not=20 vulnerable to the 3rd vulnerability. We <BR>advise everyone to = upgrade to=20 BIND 4.9.7." </FONT> </DIV> <DIV><FONT size=3D2></FONT><FONT color=3D#000000=20 size=3D2> from <A=20 href=3D"http://www.cert.org">www.cert.org</A> 06/08/98</FONT></DIV> <DIV><FONT size=3D2></FONT> </DIV> <BLOCKQUOTE=20 style=3D"BORDER-LEFT: #000000 solid 2px; MARGIN-LEFT: 5px; PADDING-LEFT: = 5px"> <DIV><FONT face=3DArial size=3D2><B>-----Original = Message-----</B><BR><B>From:=20 </B>Greg Quinlan <<A=20 = href=3D"mailto:gquinlan@qmpgmc.ac.uk">gquinlan@qmpgmc.ac.uk</A>><BR><B= >To:=20 </B>Greg Quinlan <<A=20 href=3D"mailto:gquinlan@qmpgmc.ac.uk">gquinlan@qmpgmc.ac.uk</A>>; = <A=20 = href=3D"mailto:freebsd-questions@freebsd.org">freebsd-questions@freebsd.o= rg</A>=20 <<A=20 = href=3D"mailto:freebsd-questions@freebsd.org">freebsd-questions@freebsd.o= rg</A>><BR><B>Cc:=20 </B><A href=3D"mailto:ronno@blaze.net.au">ronno@blaze.net.au</A> = <<A=20 = href=3D"mailto:ronno@blaze.net.au">ronno@blaze.net.au</A>><BR><B>Date:= =20 </B>06 August 1998 10:24<BR><B>Subject: </B>Re: MSCAN - named -=20 Vulnerability<BR><BR></DIV></FONT> <DIV><FONT size=3D2>This reference may also be useful:</FONT></DIV> <DIV><FONT size=3D2></FONT> </DIV> <DIV><FONT size=3D2><A=20 = href=3D"ftp://ftp.cert.org/pub/cert_advisories/CA-98.05.bind_problems">ft= p://ftp.cert.org/pub/cert_advisories/CA-98.05.bind_problems</A></FONT></D= IV> <DIV> </DIV> <DIV><FONT color=3D#000000 size=3D2>Basically what version of BIND = is FreeBSD=20 using?</FONT></DIV></BLOCKQUOTE></BODY></HTML> ------=_NextPart_000_000F_01BDC126.CBABE4C0-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01bdc11e$69e77cc0$380051c2>