[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

BIND compromise

To: SILUG <silug-discuss@silug.org>
Subject: BIND compromise
From: KoReE <koree@squishy.ameth.org>
Date: Sat, 27 Jun 1998 14:00:13 -0500 (CDT)
Organization: Southern Illinois Linux Users Group
Reply-To: silug-discuss@silug.org
Sender: owner-silug-discuss@silug.org


Watch out if you're running BIND 4.9.5, 4.9.6 or 8.1.x.  There's a nifty
little buffer overflow program on www.rootshell.com that allows users to
get a root shell.  I had a system compromised in this way.  You're
probably vulnerable if you're running redhat 5.0 or 5.1 with the shipped
nameserver.  4.9.3 is not vulnerable, but, the program does kill the
nameserver off.  So, I guess it's a DoS in that respect.  Just thought I'd
heads-up ya guys.

Koree

---------------------------------------------
Koree A. Smith  | Co-Administrator, Ameth.org
koree@Ameth.org | http://www.ameth.org/~koree       
NT != *IX       | I Corinthians 2:1-5
---------------------------------------------


--
To unsubscribe, send email to majordomo@silug.org with
"unsubscribe silug-discuss" in the body.

Follow-Ups:
- Re: BIND compromise
  - From: Matt Crawford <mattman@quake.fastrans.net>

Prev by Date: SNMP
Next by Date: Re: BIND compromise
Prev by thread: SNMP
Next by thread: Re: BIND compromise
Index(es):
- Date
- Thread