|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: BIND 8.2.2.-P3, 0-day exploit
From: Jon Lewis (jlewis
LEWIS.ORG)Date: Mon Apr 24 2000 - 17:18:09 CDT
- Next message: Damian Gerow: "High port UDP probe?"
- Previous message: phredPACIFICWEST.COM: "HTTP attacks over weekend"
- In reply to: Patrick Oonk: "BIND 8.2.2.-P3, 0-day exploit"
- Next in thread: Brian McKinney: "Re: BIND 8.2.2.-P3, 0-day exploit"
- Reply: Jon Lewis: "Re: BIND 8.2.2.-P3, 0-day exploit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sat, 22 Apr 2000, Patrick Oonk wrote:
> In other words, P3 should be safe.
>
> So what is going on ? Is there some
> 0-day exploit doing rounds?
I know of at least one case in which it is likely the system hacked had
been upgraded to the 8.2.2-P3 RPM from Red Hat, but the admin failed to
restart bind...meaning that he had the "secure" one installed, but had
left the "insecure" one running. Perhaps the RPM should restart bind in
the %post section of the spec file.
----------------------------------------------------------------------
Jon Lewis *jlewislewis.org*| I route
System Administrator | therefore you are
Atlantic Net |
_________http://www.lewis.org/~jlewis/pgp for PGP public key__________
- Next message: Damian Gerow: "High port UDP probe?"
- Previous message: phredPACIFICWEST.COM: "HTTP attacks over weekend"
- In reply to: Patrick Oonk: "BIND 8.2.2.-P3, 0-day exploit"
- Next in thread: Brian McKinney: "Re: BIND 8.2.2.-P3, 0-day exploit"
- Reply: Jon Lewis: "Re: BIND 8.2.2.-P3, 0-day exploit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]