oriolrius.cat

Des del 2000 compartiendo sobre…

BIND Vulnerabilities

2001/01/30
17:33

System administration, Databases, Messaging and Security

Reading time: < 1 minute

Aquests dies has sortit un mega-bug a totes les versions del Bind per sota
de la 9.1, es veu que la cosa és molt xunga i convé
“updetajar-se” ràpid.

No he trobat enlloc l’explicació tècnica de com es fa explotar
el tema, malgrat es veu q ja hi ha explotis una bona url per informacion del
BIND és:
http://www.isc.org/products/BIND/bind-security.html
Però no s’explica massa profundament. L’únic q diu sobre aquesta
vulnerabilitat és:
“It is possible to overflow a buffer handling TSIG signed queries, thereby
obtaining access to the system. “
Quan trobi més info sobre el tema ja la posaré en forma de
comentari.

3 thoughts on “BIND Vulnerabilities”

Oriol Rius
2001/01/30 at 22:36

He pujat al SDMS un fitxer q es diu fix_for_dns_sofware_hole.html on s’explica
la magnitut del bug de seguretat q s’ha trobat al BIND. Les keyword del SDMS
són: bug dns linux
Oriol Rius
2001/01/30 at 22:43

Links on trobar els informes de securityfocus:
Bind 8:
http://www.securityfocus.com/bid/2302
http://www.securityfocus.com/bid/2304
Bind 4:
http://www.securityfocus.com/bid/2307
http://www.securityfocus.com/bid/2309
Oriol Rius
2001/03/27 at 19:17

A LinuxSecurity he trobat la solució explicada de com sulucionar aquest
vell:
http://www.linuxsecurity.com/advisories/slackware_advisory-1121.html
Aquest error torna a estar de moda arran del WORM Lion:
http://www.sans.org/y2k/lion.htm

Comments are closed.

Últimas entradas

Docker Container Status as Prometheus Exporter Metrics

2024/11/07

Reading time: 2 – 2 minutes Tracking Docker container status in real time is a common challenge in DevOps. Popular

How to Keep Your Notion Docs Synced with Your Repositories Using readme2notion

2024/11/05

Reading time: 4 – 6 minutes Tired of updating documentation across multiple platforms? If your projects rely on Notion for

Comparing Python Executable Packaging Tools: PEX, PyOxidizer, and PyInstaller

2024/10/25

Reading time: 9 – 15 minutes Packaging Python applications into standalone executables can simplify deployment and distribution, especially when dealing

How to Manage Environment Variables for Production and Development with Docker Compose

2024/08/29

Reading time: 34 – 56 minutes Managing environment variables for different environments, such as production and development, is crucial for

BIND Vulnerabilities

3 thoughts on “BIND Vulnerabilities”

Últimas entradas

Docker Container Status as Prometheus Exporter Metrics

How to Keep Your Notion Docs Synced with Your Repositories Using readme2notion

Comparing Python Executable Packaging Tools: PEX, PyOxidizer, and PyInstaller

How to Manage Environment Variables for Production and Development with Docker Compose

Archivo