Date: Thu, 6 Aug 1998 14:00:09 +0200 From: Neil Blakey-Milner <nbm@rucus.ru.ac.za> To: Greg Quinlan <gquinlan@qmpgmc.ac.uk>, freebsd-questions@FreeBSD.ORG Cc: ronno@blaze.net.au Subject: Re: MSCAN - named - Vulnerability Message-ID: <19980806140009.B7795@rucus.ru.ac.za> In-Reply-To: <01bdc116$f20fb980$380051c2@greg.qmpgmc.ac.uk>; from Greg Quinlan on Thu, Aug 06, 1998 at 09:48:13AM %2B0100 References: <01bdc116$f20fb980$380051c2@greg.qmpgmc.ac.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu 1998-08-06 (09:48), Greg Quinlan wrote: > This is a reference for futher reading: > > http://www.ja.net/CERT/CERT-CC/cert_advisories/CA-98.05.bind_problems > > Is FreeBSD 2.2.5 vulnerable to the named/bind overflow hack! As far as my experience, the exploit didn't seem to work on my machine personally, but it did knock over my named, which also means trouble. You should update your named, preferably to bind 8.1.2 (I think). Use cvsup to update your ports directory (or just ports/net), and type make install. Comes with a converter from bind4 named.boot to bind8's named.conf. (I'm not too sure about update paths for bind4) Neil -- Neil Blakey-Milner nbm@rucus.ru.ac.za To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980806140009.B7795>