Date: Tue, 30 Jan 2001 14:52:04 +1300 From: "Michael A. Williams" <mike@netxsecure.net> To: Matt@netxsecure.net, Dillon@netxsecure.net Cc: freebsd-security@FreeBSD.ORG Subject: Re: [COVERT-2001-01] Multiple Vulnerabilities in BIND - FreeBSDImplications ? Message-ID: <3A761E44.1E7306FB@netxsecure.net> References: <Pine.BSF.4.21.0101291957200.18160-100000@andromeda.frogtongue.com> <200101300108.f0U18MO81199@earth.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Matt Dillon wrote:
>
> Ok, I'm really confused now. I am currently running 8.2.3-T6B.
>
> Do I need to upgrade or am I ok? If I need to upgrade, is the patch
> in the tree now or do I need to wait?
>
Hi Matt,
According to:
Subject:
[COVERT-2001-01] Multiple Vulnerabilities in BIND
Date:
Mon, 29 Jan 2001 06:31:55 -0800
From:
COVERT Labs <seclabs@NAI.COM>
To:
BUGTRAQ@SECURITYFOCUS.COM
<SNIP>
Vulnerable Systems
BIND 8 versions: 8.2, 8.2.1
8.2.2 through to 8.2.2-P7
8.2.3-T1A through to 8.2.3-T9B <--- 8.2.3-T6B fits in
here.
BIND 4 versions: buffer overflow - 4.9.5 through to 4.9.7
format string - 4.9.3 through to 4.9.5-P1
<SNIP>
You are vulnerable and do need to upgrade.
Mike.
--
Michael A. Williams, InfoSec Technology Manager
NetXSecure NZ Limited, mike@netxsecure.net www.netxsecure.com
Ph.+64.9.278.8348, Fax.+64.9.278.8352, Mob.+64.21.995.914
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A761E44.1E7306FB>