Date: Wed, 10 Nov 1999 20:51:11 -0500 (EST) From: Robert Watson <robert@cyrus.watson.org> To: Mike Tancsa <mike@sentex.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re: BIND NXT Bug Vulnerability Message-ID: <Pine.BSF.3.96.991110204731.30151D-100000@fledge.watson.org> In-Reply-To: <4.1.19991110202719.04c5ee30@granite.sentex.ca>
index | next in thread | previous in thread | raw e-mail
On Wed, 10 Nov 1999, Mike Tancsa wrote: > At 08:25 PM 11/10/99 , Robert Watson wrote: > >3.3-RELEASE appears to use 8.1.2, which I believe is not vulnerable. My > >understanding is that this bug was introduced in 8.2.* of BIND. Please > >correct me if I am wrong. > > Actually, the initial posting to bugtraq only shows some of the picture. > There are in fact 6 bugs listed on the given URL, So 3.3-RELEASE is vulnerable to DOS, and not vulnerable to the remote access attack. Which is nice, but not ideal :-). Unfortunately, I wouldn't happen to be committer, so I wouldn't be commiting that one. :-) Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the messagehelp
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.991110204731.30151D-100000>