Re: named exploit

To: Al - image hosting services <azick%zickswebventures.com@localhost>
Subject: Re: named exploit
From: "Steven M. Bellovin" <smb%cs.columbia.edu@localhost>
Date: Sat, 26 Jul 2008 02:32:11 -0400

On Fri, 25 Jul 2008 16:16:24 -0700 (MST)
Al - image hosting services <azick%zickswebventures.com@localhost> wrote:

> Hi,
> 
> On Fri, 25 Jul 2008, Geert Hendrickx wrote:
> > > > > Looks like a named exploit is out in the wild now.
> > > > >
> > > > > http://www.caughq.org/exploits/CAU-EX-2008-0002.txt
> > > > >
> > > > Yes.  Until the fixes are fully in our tree, I suggest running
> > > > bind9 or bind95 from pkgsrc.  (And make sure you disable any
> > > > query-source lines in your named.conf.)
> > >
> > >
> > > HEAD, netbsd-4 and netbsd-4-0 have the fix already.
> 
> Can I just download the update to the source tree of bind and build
> it? If so, how would I do that?
> 
See the advisory -- it gives complete instructions on what to do.


                --Steve Bellovin, http://www.cs.columbia.edu/~smb

References:
- Re: named exploit
  - From: Geert Hendrickx
- Re: named exploit
  - From: Al - image hosting services

Prev by Date: Re: named exploit
Next by Date: [ANNOUNCEMENT] The pkgsrc-2008Q2 Branch
Previous by Thread: Re: named exploit
Next by Thread: Re: named exploit
Indexes:

Home | Main Index | Thread Index | Old Index