From owner-freebsd-questions Thu Aug 6 05:02:12 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id FAA22535 for freebsd-questions-outgoing; Thu, 6 Aug 1998 05:02:12 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from rucus.ru.ac.za (rucus.ru.ac.za [146.231.29.2]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id FAA22395 for ; Thu, 6 Aug 1998 05:01:04 -0700 (PDT) (envelope-from nbm@rucus.ru.ac.za) Received: (qmail 9323 invoked by uid 1003); 6 Aug 1998 12:00:10 -0000 Message-ID: <19980806140009.B7795@rucus.ru.ac.za> Date: Thu, 6 Aug 1998 14:00:09 +0200 From: Neil Blakey-Milner To: Greg Quinlan , freebsd-questions@FreeBSD.ORG Cc: ronno@blaze.net.au Subject: Re: MSCAN - named - Vulnerability References: <01bdc116$f20fb980$380051c2@greg.qmpgmc.ac.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.93.2i In-Reply-To: <01bdc116$f20fb980$380051c2@greg.qmpgmc.ac.uk>; from Greg Quinlan on Thu, Aug 06, 1998 at 09:48:13AM +0100 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu 1998-08-06 (09:48), Greg Quinlan wrote: > This is a reference for futher reading: > > http://www.ja.net/CERT/CERT-CC/cert_advisories/CA-98.05.bind_problems > > Is FreeBSD 2.2.5 vulnerable to the named/bind overflow hack! As far as my experience, the exploit didn't seem to work on my machine personally, but it did knock over my named, which also means trouble. You should update your named, preferably to bind 8.1.2 (I think). Use cvsup to update your ports directory (or just ports/net), and type make install. Comes with a converter from bind4 named.boot to bind8's named.conf. (I'm not too sure about update paths for bind4) Neil -- Neil Blakey-Milner nbm@rucus.ru.ac.za To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message