Re: debian.org DNSs allow unrestricted zone transfers
On Tue, 15 May 2007, Abel Martín wrote:
> I thought zone transfers should only be possible between DNSs which have
> records for the same domain, so why are debian.org DNSs (raff,

Only if you have a reason to hide who is in your domain.

> possibility of suffering DoS attacks (it serves 254 records). Is there an
> explanation for this?

Well, I am not sure about the DoS possibilities, but I take advantage of the fact that it allows zone transfers to have a local mirror of @d.o in my bind resolver.

--
One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie. -- The Silicon Valley Tarot
Henrique Holschuh
Re: [SECURITY] [DSA 1291-1] New samba packages fix multiple vulnerabilities
Geoff Crompton wrote:
> Noah Meyerhans wrote:
>> Debian Security Advisory DSA-1291-1 [EMAIL PROTECTED]
>> http://www.debian.org/security/ Noah Meyerhans
>> May 15, 2007
>
> Nice work on getting this out. Is sarge going to get an update, is it even
> affected? I've looked into CVE-2007-2444, and
> http://www.securityfocus.com/bid/23974/ says that the version in sarge is
> affected.

Sarge is still missing a few builds.

Cheers,
Moritz
Re: [SECURITY] [DSA 1291-1] New samba packages fix multiple vulnerabilities
Moritz Muehlenhoff [EMAIL PROTECTED] writes:
>> Nice work on getting this out. Is sarge going to get an update, is it even
>> affected? I've looked into CVE-2007-2444, and
>> http://www.securityfocus.com/bid/23974/ says that the version in sarge is
>> affected.
>
> Sarge is still missing a few builds.

And what about updated packages for sparc and arm? My samba daemon runs on an old Ultra 60... :-)

--
Regards,           | http://www.korber.org +++ mailto:[EMAIL PROTECTED]
Thomas             | Linux User Group Ingolstadt: http://www.lug-in.de
PGP-ID: 0x4603A0E3 | A4B3 BA2A DDC8 B771 8084 CD4D BE14 5C3E 4603 A0E3
Re: [SECURITY] [DSA 1291-1] New samba packages fix multiple vulnerabilities
On Wed, May 16, 2007 at 09:39:56PM +0200, Thomas Korber wrote:
> Moritz Muehlenhoff [EMAIL PROTECTED] writes:
>>> Nice work on getting this out. Is sarge going to get an update, is it even
>>> affected? I've looked into CVE-2007-2444, and
>>> http://www.securityfocus.com/bid/23974/ says that the version in sarge is
>>> affected.
>>
>> Sarge is still missing a few builds.
>
> And what about updated packages for sparc and arm? My samba daemon runs on
> an old Ultra 60... :-)

For the moment you may be better off without the update. See e.g. bug 424629. (Obviously if your machines get rooted then this isn't much help...)

noah