Date: Thu, 9 Nov 2000 11:28:51 -0700 (MST)
From: Peter <peterk@americanisp.net>
To: Justin Stanford <jus@security.za.net>
Cc: Michael Bryan <fbsd-secure@ursine.com>, freebsd-security@freebsd.org
Subject: Re: DOS vulnerability in BIND 8.2.2-P5
Message-ID: <Pine.LNX.4.21.0011091126490.17328-100000@oxygen.americanisp.net>
In-Reply-To: <Pine.BSF.4.21.0011092017530.341-100000@athena.za.net>

I bought the 4.0-Release version, cvsup to 4.1.1 stable (following RELENG_4), did that update BIND also? Or will I have to cvsup my ports and then build BIND from /usr/ports/whatever/BIND ?

On another note when I cvsup using the RELENG_4, that upgrades exactly what? I know the kernel but what else? compiler?

**Random Fortune for this instance of pine**
To be intoxicated is to feel sophisticated but not be able to say it.
--- www.nul.cjb.net --- The Power to Crash!
--- www.FreeBSD.org --- The Power to Serve!

On Thu, 9 Nov 2000, Justin Stanford wrote:

> I could not get my 4.1.1-STABLE machine's named to crash no matter what I
> did. Reports indicate any of the 4.x-STABLE branch are not vulnerable.
>
> --
> Justin Stanford
> 082 7402741
> jus@security.za.net
> www.security.za.net
> IT Security and Solutions
>
> On Thu, 9 Nov 2000, Michael Bryan wrote:
>
> > For those who haven't yet seen the messages in BugTraq, there is
> > a DOS vulnerability in BIND 8.2.2-P5. Sending a ZXFR request to
> > a server can cause it to crash. (The crash might happen a few
> > minutes after the ZXFR request, as it sets something up for a later
> > failure.) If BIND is set up to restrict zone transfers to only those
> > hosts that you trust, only those hosts can trigger the bug, so that's
> > the easiest way to protect yourself. Sites that don't have an
> > "allow-transfer" acl restriction on zone transfers are wide open to
> > this DOS attack, though, and there are apparently a lot of sites
> > which are wide open like this.
> >
> > The original BugTraq article is here:
> >
> > http://www.securityfocus.com/archive/1/143843
> >
> > It appears that 8.2.3-T5B, 8.2.3-T6B and 9.0.0 are not vulnerable,
> > but 8.2.2-P3 and 8.2.2-P5 have been confirmed to be vulnerable under
> > FreeBSD.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
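
The "allow-transfer" restriction mentioned in the quoted advisory can be audited mechanically. The following is an added example, not part of the original thread and not BIND's own tooling: a small Python check that lists the zones in a named.conf whose effective allow-transfer setting is missing or set to `any`. The sample configuration, zone names, and addresses are constructed, and the parser assumes flat ACL lists and no comment markers inside quoted strings.

```python
import re

# Constructed sample named.conf (not from the thread). The parser assumes flat
# ACL lists and no comment markers inside quoted strings.
SAMPLE = '''
options {
    directory "/etc/namedb";   // no global allow-transfer
};
acl "secondaries" { 192.0.2.53; };
zone "." { type hint; file "named.root"; };
zone "example.com" {
    type master; file "example.com.db"; allow-transfer { secondaries; };
};
zone "example.net" { type master; file "example.net.db"; };
zone "example.org" { type master; file "o.db"; allow-transfer { any; }; };
'''

def strip_comments(text):
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#)[^\n]*', '', text)

def block_after(text, start):
    """Body of the first balanced {...} block at or after start."""
    first, depth = text.index('{', start), 0
    for i in range(first, len(text)):
        depth += {'{': 1, '}': -1}.get(text[i], 0)
        if depth == 0:
            return text[first + 1:i]
    raise ValueError('unbalanced braces')

def transfer_acl(body):
    m = re.search(r'\ballow-transfer\s*\{([^}]*)\}', body)
    return m.group(1).replace(';', ' ').split() if m else None

def open_zones(conf):
    """Names of zones whose effective allow-transfer is missing or 'any'."""
    text = strip_comments(conf)
    opts = re.search(r'\boptions\s*\{', text)
    global_acl = transfer_acl(block_after(text, opts.start())) if opts else None
    found = []
    for z in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', text):
        body = block_after(text, z.start())
        if re.search(r'\btype\s+(hint|forward)\b', body):
            continue  # these zone types hold no transferable data
        acl = transfer_acl(body)
        acl = global_acl if acl is None else acl  # zone setting overrides options
        if acl is None or 'any' in acl:
            found.append(z.group(1))
    return found
```

Calling `open_zones()` on the contents of a real named.conf returns the zones that still need an allow-transfer restriction, either per zone or once in the options block.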