Bugtraq mailing list archives
BIND NXT Bug Vulnerability
From: aleph1 () SECURITYFOCUS COM (Elias Levy)
Date: Wed, 10 Nov 1999 13:55:25 -0800
http://www.isc.org/products/BIND/bind-security-19991108.html Name: "nxt bug" Versions affected: 8.2, 8.2 patchlevel 1, 8.2.1 Severity: CRITICAL Exploitable: Remotely Type: Access possible Description: A bug in the processing of NXT records can theoretically allow an attacker to gain access to the system running the DNS server at whatever privilege level the DNS server runs at. Workarounds: None. Active Exploits: At this time, ISC is unaware of any active exploits of this vulnerability however given the potential access this vulnerability represents, it is probable scripts will be created in the near future that make use of this vulnerability. -- Elias Levy Security Focus http://www.securityfocus.com/
Current thread:
- Re: Security flaw in Cobalt RaQ2 cgiwrap, (continued)
- Re: Security flaw in Cobalt RaQ2 cgiwrap Nathan Neulinger (Nov 08)
- Re: Security flaw in Cobalt RaQ2 cgiwrap Chris Adams (Nov 09)
- undocumented bugs - nfsd Mariusz Marcinkiewicz (Nov 09)
- Re: undocumented bugs - nfsd Olaf Kirch (Nov 10)
- rpc.nfsd exploit code Mariusz Marcinkiewicz (Nov 10)
- Re: rpc.nfsd exploit code Crispin Cowan (Nov 11)
- WU-FTPD Mnemonix (Nov 11)
- Re: WU-FTPD hayward () SLOTHMUD ORG (Nov 12)
- Re: rpc.nfsd exploit code Mariusz Marcinkiewicz (Nov 12)
- Re: rpc.nfsd exploit code Rogier Wolff (Nov 12)
- Re: undocumented bugs - nfsd Olaf Kirch (Nov 10)
- Re: Security flaw in Cobalt RaQ2 cgiwrap Nathan Neulinger (Nov 08)
- BIND NXT Bug Vulnerability Elias Levy (Nov 10)
- Re: BIND NXT Bug Vulnerability Richard Trott (Nov 10)
- Re: BIND NXT Bug Vulnerability Mike Iglesias (Nov 10)
- [RHSA-1999:053-01] new NFS server pacakges available (5.2, 4.2) Bill Nottingham (Nov 10)
- Re: [linux-security] Re: undocumented bugs - nfsd Olaf Kirch (Nov 11)
- SmartServer3 POP3 BindView Advisory (Nov 11)
- THE 12th ANNUAL FIRST CONFERENCE on COMPUTER SECURITY michele sensalari (Nov 11)
- OS/390 Interlink Stack DoS with nmap bugz () NAZGUL COM (Nov 11)
- Re: OS/390 Interlink Stack DoS with nmap bugz () NAZGUL COM (Nov 17)
- [Debian] New version of proftpd fixes remote exploits Aleph One (Nov 11)