Hi Alan, > >It should be reported as bind-8.2.3-C4, bind-8.3.3-SOL2RaQ34 or > >bind-8.3.4-SOL1RaQ34. Those versions are fine. > > What about > > bind-8.2.3-C5stackguard
I just looked into the matter as I wasn't 100% sure about that version. bind-8.2.3-C5stackguard had been packaged on 12th November 2001 and was part of the original SHP package. I also looked into bind-8.2.3-C4 again. That one has been packaged on 18th September 2001 and it was/is part of RaQ4-All-Security-1.0.1-10749.pkg Just by looking at the date it does NOT appear as if both fix the vulnerabilities outlined in the ISS X-Force advisory from 12th November 2002: http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469 There are two flaws in Bind 8 prior to 8.3.4 (or a patched 8.3.3). One allows for a denial of service attack and the other one is a remotely exploitable buffer overflow. To me it is unclear to which degree the compilation with Stackguard hardens bind-8.2.3-C5stackguard against the buffer overflow, but personally speaking I'd feel insufficiently protected if I had to rely on it. -- With best regards, Michael Stauber [EMAIL PROTECTED] Unix/Linux Support Engineer _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
