Date: Wed, 17 Nov 1999 12:10:42 -0700 From: Warner Losh <imp@village.org> To: trouble@netquick.net Cc: current@freebsd.org Subject: Re: BIND update Message-ID: <199911171910.MAA18303@harmony.village.org> In-Reply-To: Your message of "Wed, 17 Nov 1999 14:15:05 EST." <3832FEB9.4B9B9F52@netquick.net> References: <3832FEB9.4B9B9F52@netquick.net> <Pine.BSF.4.20.9911171332120.48634-100000@penelope.skunk.org> <199911171850.LAA18026@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- In message <3832FEB9.4B9B9F52@netquick.net> TrouBle writes: : just a quick note, where do i find the information needed about the bind : problem i face in 3.3-RELEASE if any ?? You can find it at the BIND web site. FreeBSD has Bind 8.1.2. - From the chart at http://www.isc.org/products/BIND/bind-security-19991108.html we see solinger DoS maxfd DoS w/ workaround naptr possible problem when users can modify zone files maxdname sprintf overflow that is unlikely to trigger elevated privs, but may be used to crash servers. The NXT exploit is not present in 8.1.x, so that remote exploit is not present. More complete information and fixes will be forthcoming. Warner -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface iQCVAwUBODL9l1UuHi5z0oilAQGNWwQAo/BE8oSXvz7IhGBuLYz4i+7BxOXnM6cG zVESLfsv9WapRn8PXu1+suppa2RHcyu0ynGeWPjoN0SAX3IElTI2vPrwCT9UG8j0 526wcOm+VCvJjxMah+0ix50oUkMRRvdnV5Kae4Q4ZQCQiUOwyHWQTxV5tlljii+y 4x9y/UiCS5g= =X4s/ -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199911171910.MAA18303>