Re: FreeBSD Security Advisory FreeBSD-SA-08:06.bind



NOTE WELL: If a port number is specified via the query-source or
query-source-v6 options to BIND, randomized port selection will not be
used. Consequently it is strongly recommended that these options not
be used to specify fixed port numbers
--
Michael Scheidell, CTO
|SECNAP Network Security
Winner 2008 Network Products Guide Hot Companies
FreeBSD SpamAssassin Ports maintainer


From: Mark Andrews <Mark_Andrews@xxxxxxx>
Date: Mon, 14 Jul 2008 10:29:36 +1000
To: <freebsd-security@xxxxxxxxxxx>
Cc: FreeBSD Security Advisories <security-advisories@xxxxxxxxxxx>
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-08:06.bind


There was no mention of checking named.conf to ensure that
a port was not specified in the query-source clauses. Just
upgrading will not fix the problem it if named.conf has

"query-source port 53".

Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@xxxxxxx
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"

_________________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.spammertrap.com
_________________________________________________________________________
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"



Relevant Pages