Re: [linux] BIND with Linux distributions

Fri, 4 May 2001 14:47:33 +0200 

Ca doit d�j� dat� ! Si ce n'est encore fait, grouillez-vous.

Le Vendredi  4 Mai 2001 13:58, vous avez �crit :
> Je pense que ceci peut en int�resser plus d'un :
>
> Linux tips for May 4, 2001
> Security alert: Have you upgraded BIND?
> The Berkeley Internet Name Domain (BIND) server that is commonly included
> with Linux distributions contains at least four known vulnerabilities that
> intruders are beginning to exploit, according to the CERT Coordination
> Center. Because BIND provides most of the domain name services for the
> Internet, these vulnerabilities could prove disastrous if system
> administrators fail to update to the latest version of BIND�and apparently,
> many have failed to do so. If you're running BIND on an internal network or
> one that's connected to the Internet, be sure to check your Linux
> distribution's support page to make sure you're running the latest version.
> For example, Red Hat is making updated BIND packages available on its site.
> Security alert: rpc.statd (NFS)
> An input validation vulnerability in the rpc.statd service enables
> intruders to gain root access to Linux systems. This service is generally
> included in the utilities provided with Network File System (NFS) support.
> If you are running NFS on your network, visit your Linux distribution's
> support page to obtain an upgraded copy of rpc.statd�and do so without
> delay. Unlike most of the vulnerabilities we warn you about, this one has
> already resulted in numerous system compromises. For more information, see
> the CERT Coordination Center's page on rpc.statd vulnerabilities.
>
>
> [ Soyez pr�cis dans vos sujets svp afin de d�terminer directement  ]
> [ le type de demande...                                            ]
> [ Pour vous (d�s)inscrire, aller sur http://linuxbe.org/ml.php     ]
> [ http://LinuxBe.org              Contact: [EMAIL PROTECTED]  ]

-- 
Olivier Thauvin-CNRS Service Aeronomie
[EMAIL PROTECTED] 
T�l�phone:
01 64 47 43 60 � Verri�res (lundi,mercredi et vendredi)
01 44 27 47 59 � Jussieu (Mardi et Jeudi)



[ Soyez pr�cis dans vos sujets svp afin de d�terminer directement  ]
[ le type de demande...                                            ]
[ Pour vous (d�s)inscrire, aller sur http://linuxbe.org/ml.php     ]
[ http://LinuxBe.org              Contact: [EMAIL PROTECTED]  ]

Répondre à