From owner-freebsd-security Tue Jul 21 05:34:14 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id FAA11130 for freebsd-security-outgoing; Tue, 21 Jul 1998 05:34:14 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from ns.cityip.co.za (ns.cityip.co.za [196.25.223.140]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id FAA10642 for ; Tue, 21 Jul 1998 05:30:56 -0700 (PDT) (envelope-from wjv@cityip.co.za) Received: from wjv by ns.cityip.co.za with local (Exim 1.82 #2) id 0yybXg-000192-00; Tue, 21 Jul 1998 14:29:16 +0200 Message-ID: <19980721142916.B4361@cityip.co.za> Date: Tue, 21 Jul 1998 14:29:16 +0200 From: Johann Visagie To: Steve Reid , freebsd-security@FreeBSD.ORG Subject: Re: /usr/sbin/named References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.91.1i In-Reply-To: ; from Steve Reid on Sun, May 31, 1998 at 11:56:23PM -0700 X-PGP: ftp://ftp.cityip.co.za/users/wjv/pubkey.asc X-URL: http://www.cityip.co.za/~wjv/ Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sun, 31 May 1998 at 23:56 SAT, Steve Reid wrote: > > Is /usr/sbin/named as distributed with FreeBSD 2.2.6-RELEASE vulnerable > to known exploits? If it had been vulnerable you would've been hacked already. :-) There was widespread exploitation of that hole, especially after the release of mscan. >From what I can establish, no recent versions of FreeBSD are vulnerable OOTB, since the named is /not/ compiled with inverse queries enabled by default. I've tried the exploit on a number of machines to no avail. (Oh the other hand, many RedHat Linux machines are vulnerable, depending on which version of RedHat's named RPM is installed.) -- V Johann Visagie | Email: wjv@CityIP.co.za | Tel: +27 21 419-7878 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message