From owner-freebsd-questions Tue Nov 19 15:30:37 1996
Return-Path: owner-questions
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3)
    id PAA15165 for questions-outgoing; Tue, 19 Nov 1996 15:30:37 -0800 (PST)
Received: from mail.vividnet.com (mail.vividnet.com [206.149.144.3])
    by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id PAA15137;
    Tue, 19 Nov 1996 15:30:20 -0800 (PST)
Received: from taurus.vividnet.com (taurus.vividnet.com [206.149.144.6])
    by mail.vividnet.com (8.8.3/8.8.3) with ESMTP id OAA21843;
    Tue, 19 Nov 1996 14:55:21 -0800 (PST)
Received: from localhost (postmaster@taurus.vividnet.com)
    by taurus.vividnet.com (8.7.6/8.6.9) with SMTP id PAA03576;
    Tue, 19 Nov 1996 15:24:44 -0800 (PST)
X-Authentication-Warning: taurus.vividnet.com: brian owned process doing -bs
Date: Tue, 19 Nov 1996 15:24:44 -0800 (PST)
From: Brian Wang
To: "S(pork)"
cc: freebsd-security@FreeBSD.org, freebsd-questions@FreeBSD.org
Subject: Re: Serious BIND resolver problem. (fwd)
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-questions@FreeBSD.org
X-Loop: FreeBSD.org
Precedence: bulk

On Tue, 19 Nov 1996, S(pork) wrote:

> From your friendly neighborhood paranoia victim comes yet another loaded
> question...
>
> I got this little advisory (thankfully without an exploit) today, and it's
> got me all worried. It's a problem in the whole gethostbyname call that
> allows (supposedly) local and remote users to gain root access using a
> variety of programs that rely on the gethostbyname call. So I downloaded
> BIND-4.9.3-REL which fixes all of this; and then I read the README in the
> BSD directory, got thoroughly confused, and posted my root password to
> #hack on irc. (kidding). Now this does not appear to be a simple feat
> (hence my posting to -questions and -security; security people can look at
> it and laugh, and questions can tell me all about "diff-ing my source
> tree" and "manually updating includes (which you may or may not have to
> do)." So my question is this; could anyone who's already updated this
> give me some advice or some pointers to this procedure?? The site
> carrying 4.9.3-REL is over at: ftp.vix.com/pub/bind/release
>
> Thanks All,
>
> Charles

Charles,

I think 4.9.5-REL over at ftp.vix.com/pub/bind/release/4.9.5 is what you
are looking for, and as suggested by the advisory. I just updated our 2
name servers this morning, and all I did is make, and then make install.

Sincerely,
Brian