There is an exploit floating around that allows for a root shell to be
executed on the vulnerable system. It is widely available on the `net,
and from everything that I have read, it works pretty well, too.
FYI,
Kenny
"Karl J. Runge" wrote:
>
> Hi,
>
> This may be a false alarm, but in the past few days I've had a lot of
> people jiggling the port 53 (DNS) doorknob on my firewall. About as many
> in the last 4 days as I had in the previous 4 months...
>
> Makes me think the script kiddies have a exploit toy for the BIND/named
> vulnerability discussed at: http://www.cert.org/advisories/CA-2001-02.html
> and http://www.isc.org
>
> So... if you haven't updated your externally visible named(8) yet,
> now might be a good time.
>
> Karl
>
> **********************************************************
> To unsubscribe from this list, send mail to
> [EMAIL PROTECTED] with the following text in the
> *body* (*not* the subject line) of the letter:
> unsubscribe gnhlug
> **********************************************************
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
