Hi all, I have searched the list(s) security and user and not found a mention of this, so here goes....
There is a newish exploit for the current package version of bind, (8.2.3-C1) - details as follows: Name: "tsig bug" Versions affected: 8.2, 8.2-P1, 8.2.1, 8.2.2-P1, 8.2.2-P2, 8.2.2-P3, 8.2.2-P4, 8.2.2-P5, 8.2.2-P6, 8.2.2-P7, and all 8.2.3-betas Severity: CRITICAL Exploitable: Remotely Type: Access possible. Description: It is possible to overflow a buffer handling TSIG signed queries, thereby obtaining access to the system. Workarounds: None. Active Exploits: Exploits for this bug exist. http://www.isc.org/products/BIND/bind-security.html --------------------------------------------------------------------- Im newish to this so I am kinda looking for someone to put my mind at rest about this or to suggest a possible course of action. Thanks in advance Marcus Miller _________________________________________________________________ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
