Re: Bind: FreeBSD-SA-01:10 and CERT Advisory CA-2001-02
From: Kris Kennaway (kris@obsecurity.org)
Date: 01/29/01
- Next message: Si.: "RE: [COVERT-2001-01] Multiple Vulnerabilities in BIND - FreeBSD Implications ?"
- Previous message: l705723712@yahoo.com: "g人資訊軟體更新資訊 本次新增一百三十多片......狂人資訊軟體更新資訊狂人資訊軟體更新資訊 本次新增一百三十多片...狂人資訊軟體更新資訊 本次新增一百三十多片.."
- In reply to: Igor Roshchin: "Bind: FreeBSD-SA-01:10 and CERT Advisory CA-2001-02"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 29 Jan 2001 11:48:09 -0800 From: Kris Kennaway <kris@obsecurity.org> To: Igor Roshchin <str@giganda.komkon.org>
On Mon, Jan 29, 2001 at 11:29:51AM -0500, Igor Roshchin wrote:
> My COMMENT:
> -------
> This is not true, because 4.0-RELEASE was shipped with
> named 8.2.2-P5-NOESW Mon Mar 20 20:43:54 GMT 2000
> root@monster.cdrom.com:/usr/obj/usr/src/usr.sbin/named
> Thus, the statement in the advisory in question might be
> at least misleading.
Hmm, oops. I'll update it.
> Therefore :
> My question:
> Is 8.2.2-P5-NOESW (shipped with 4.0-RELEASE) vulnerable to
> a) the problem described in FreeBSD-SA-01:10
Sounds like.
> b) the problem described in CERT Advisory CA-2001-02
> (Multiple Vulnerabilities in BIND), VU#196945 (see that advisory
> at the bottom of this message).
No, that's a new problem we found out about a few days ago. Ain't
software great?
An advisory will be forthcoming.
Kris
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- application/pgp-signature attachment: stored
- Next message: Si.: "RE: [COVERT-2001-01] Multiple Vulnerabilities in BIND - FreeBSD Implications ?"
- Previous message: l705723712@yahoo.com: "g人資訊軟體更新資訊 本次新增一百三十多片......狂人資訊軟體更新資訊狂人資訊軟體更新資訊 本次新增一百三十多片...狂人資訊軟體更新資訊 本次新增一百三十多片.."
- In reply to: Igor Roshchin: "Bind: FreeBSD-SA-01:10 and CERT Advisory CA-2001-02"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
