From owner-freebsd-security  Sun Feb 18 15:25:20 2001
Delivered-To: freebsd-security@freebsd.org
Received: from obsecurity.dyndns.org (adsl-64-165-226-53.dsl.lsan03.pacbell.net [64.165.226.53])
	by hub.freebsd.org (Postfix) with ESMTP id 6550137B503
	for <security@FreeBSD.ORG>; Sun, 18 Feb 2001 15:25:15 -0800 (PST)
Received: by obsecurity.dyndns.org (Postfix, from userid 1000)
	id 02C0066B00; Sun, 18 Feb 2001 15:25:14 -0800 (PST)
Date: Sun, 18 Feb 2001 15:25:14 -0800
From: Kris Kennaway <kris@obsecurity.org>
To: Ng Pheng Siong <ngps@post1.com>
Cc: security@FreeBSD.ORG
Subject: Re: Base system with gcc stack-smashing protector
Message-ID: <20010218152514.A37519@mollari.cthul.hu>
References: <20001117154551.A77867@citusc17.usc.edu> <20010216182625I.etoh@trl.ibm.com> <20010218151005.B424@madcap.dyndns.org>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
	protocol="application/pgp-signature"; boundary="Dxnq1zWXvFF0Q93v"
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20010218151005.B424@madcap.dyndns.org>; from ngps@post1.com on Sun, Feb 18, 2001 at 03:10:05PM +0800
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


--Dxnq1zWXvFF0Q93v
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sun, Feb 18, 2001 at 03:10:05PM +0800, Ng Pheng Siong wrote:
> On Fri, Feb 16, 2001 at 06:26:25PM +0900, Hiroaki Etoh wrote:
> > We confirmed the protected system blocked the bind TSIG exploit which is
> > announced from CERT, 31 Jan, 2001.
>=20
> Hmmm, is an exploit in the wild? Are servers being probed actively?
>=20
> I've been hearing people say no exploit has turned up yet.

Yes, an exploit has been publically distributed for several weeks, and
judging by the number of reports of people with old versions of BIND
having it suddenly crash, it is actively being used.

Kris

--Dxnq1zWXvFF0Q93v
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE6kFnaWry0BWjoQKURAkimAJ0eaVHkYbdagjIZfU33M3o9pfmB/gCdGtbf
inlOkIUQ7vTwQtkE8rg/z5c=
=Lbm6
-----END PGP SIGNATURE-----

--Dxnq1zWXvFF0Q93v--


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message