Re: Bind 9.2.X exploit???

From: David Carmean (dlc@halibut.com)
Date: 07/26/02

• Previous message: Anton A. Chuvakin: "Re: Anyone know this rootkit (rootkits?)"
• In reply to: Alexandru Balan: "Re: Bind 9.2.X exploit???"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Fri, 26 Jul 2002 09:14:35 -0700
From: David Carmean <dlc@halibut.com>
To: Alexandru Balan <jay@iNES.RO>

On Fri, Jul 26, 2002 at 01:19:29PM +0300, Alexandru Balan wrote:

> i asked the guy for the exploit, ran it. and it seems to fork in
> background and afterwards it starts flooding with UDP packets
> 161.69.3.150 ;P not nice, not nice at all

Oh, right! From Feb, 2001. There was a "bind 8 exploit"
that was really a trojan that pounded what was then dns1.nai.com.

http://online.securityfocus.com/archive/1/159930/2001-01-30/2001-02-05/1

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

---

• Previous message: Anton A. Chuvakin: "Re: Anyone know this rootkit (rootkits?)"
• In reply to: Alexandru Balan: "Re: Bind 9.2.X exploit???"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > incidents  > 2002-07