Date: Wed, 9 May 2001 13:30:06 -0400 From: Jim Mock <mij@osdn.com> To: webmaster <russ@mtanet.net> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: A new bind vulberability? Message-ID: <20010509133006.C1288@guinness.osdn.com> In-Reply-To: <Pine.BSF.4.21.0105091104540.9798-100000@C1521581-A.BLLNGS1.MT.HOME.COM>; from russ@mtanet.net on Wed, May 09, 2001 at 11:26:46AM -0600 References: <Pine.BSF.4.21.0105091104540.9798-100000@C1521581-A.BLLNGS1.MT.HOME.COM>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 09 May 2001 at 11:26:46 -0600, webmaster wrote: > Hi, > > I have two dns servers running freebsd/bind 8.2.3-T6B in which bind > appears to be vulnerable to version questions asked in a certain > manner. That is a known vulnerable version of bind. You should be running at least 8.2.3-REL. Take a look at: ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:18.bind.asc (If you can't get into the main ftp site, try a mirror.) All versions prior to 8.2.3-RELEASE contain a remotely exploitable buffer overflow. If you see the same problems in 8.2.3-REL or later, let us know. - jim -- - jim mock <mij@osdn.com> - O|S|D|N - open source development network - - http://www.freebsdzine.org/ - jim@freebsdzine.org - jim@FreeBSD.org - To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010509133006.C1288>