[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
BIND NXT Bug Vulnerability (fwd)
There's an exploit for this now, so if you are running bind 8.x, you
probably want to upgrade. (For those of you running Red Hat 6.0, the
updates mirror on ftp.silug.org actually has the rpms, which amazes me
because mirror has been consistently failing for weeks now...)
----- Forwarded message from Elias Levy -----
Date: Wed, 10 Nov 1999 13:55:25 -0800
From: Elias Levy <aleph1@SECURITYFOCUS.COM>
Subject: BIND NXT Bug Vulnerability
Name: "nxt bug"
Versions affected: 8.2, 8.2 patchlevel 1, 8.2.1
Type: Access possible
A bug in the processing of NXT records can theoretically allow an
attacker to gain access to the system running the DNS server at
whatever privilege level the DNS server runs at.
At this time, ISC is unaware of any active exploits of this
vulnerability however given the potential access this vulnerability
represents, it is probable scripts will be created in the near future
that make use of this vulnerability.
To unsubscribe, send email to firstname.lastname@example.org with
"unsubscribe luci-discuss" in the body.