ANNOUNCE Security patches for INN (pre-1.5.1 versions).

[jared () PUCK NETHER NET (Jared Mauch)]

        There have been about 10 attacks from different folks that
I've noticed in the past 72 hours from folks.

        The other solution is just to comment out all of your
control.ctl file for this problem.  You can find the hacks posted
elsewhere, but you should upgrade if you have not already, or at
least apply the patches.

        - Jared Mauch

----- Forwarded message from James A. Brister -----

> From owner-inn-announce-outgoing () vix com  Mon Mar 17 18:38:09 1997
Message-Id: <199703172022.VAA22641 () velo pp vix com>
From: inn () isc org (James A. Brister)
To: inn-announce () vix com
Cc: inn () isc org
Reply-To: inn () isc org
Subject: ANNOUNCE Security patches for INN (pre-1.5.1 versions).
Organization: Internet Software Consortium
Date: Mon, 17 Mar 1997 21:22:15 +0100
Sender: owner-inn-announce () vix com
Precedence: bulk


As you may have heard, a security hole in INN has been the subject
of some forged control messages, which try to gather password file
contents.

I recommend running 1.5.1, but if you're running a pre-1.5.1 version
of INN, then please go look at our web page http://www.isc.org/inn.html
or the ftp site ftp://ftp.isc.org/isc/inn/patches for patches to
1.4sec, 1.4unoff3, 1.4unoff4 and 1.5 to correct this.

Thanks

James
--
James Brister                                             brister () vix com
Internet Software Consortium      http://www.isc.org      inn () isc org

----- End of forwarded message from James A. Brister -----

--
To err is human, to forgive is Not Company Policy.
--
Jared Mauch - CICNet - jared () cic net - http://www.cic.net/ - visit my personal
page at http://puck.nether.net/~jared/