From owner-freebsd-security Wed Apr 23 07:19:12 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id HAA02122 for security-outgoing; Wed, 23 Apr 1997 07:19:12 -0700 (PDT) Received: from utopia.nh.ultranet.com (jbowie@this.wanker.is.a.teensysop.org [207.41.158.32]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id HAA02108 for ; Wed, 23 Apr 1997 07:18:54 -0700 (PDT) Received: from localhost (jbowie@localhost) by utopia.nh.ultranet.com (8.8.5/8.8.5) with SMTP id KAA01026; Wed, 23 Apr 1997 10:15:31 GMT X-Authentication-Warning: utopia.nh.ultranet.com: jbowie owned process doing -bs Date: Wed, 23 Apr 1997 10:15:30 +0000 (GMT) From: The Code Warrior X-Sender: jbowie@utopia.nh.ultranet.com To: Dmitry Valdov cc: freebsd-security@FreeBSD.ORG Subject: Re: SNI-12: BIND Vulnerabilities and Solutions (fwd) In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Tue, 22 Apr 1997, Dmitry Valdov wrote: > Hello! > > Is fbsd 2.2.1 vulnerable? If yes are there any patches available specially > for FreeBSD? > > Well, I would have to say it is definitely vulnerable to the first prob- lem presented, as the BIND code is all the same, and the 2.2.1 release has a BIND distro which falls within the version constraints of the exploit, that it would have to be vulnerable. The second vulnerability however might not apply to us. I haven't checked the gethostby* libs, so I'm not sure if the resolver does internal bounds checking, rather than just letting you overflow the stack with a spoofed DNS name. I will look into it this afternoon. -Jon Bowie SysAdmin / Consulting / TeenSysop. 603-436-5698 jbowie@bsdnet.org "...And I still believe that I can not be saved." -Billy Corgan