Full Disclosure mailing list archives
Fwd: PATCH to BIND-8.2.3 to get rid of the, unnecessary, and potentially dangerous fchown() calls
From: martin f krafft <madduck () madduck net>
Date: Fri, 6 Jun 2003 12:22:22 +0200
This just came in. It seems like a virus, if you ask me, there was a file application/ms-download attached, named photo.exe. My virus scanners did not detect anything, but since I haven't seen this before, I thought I'd let you know. Original attachment attached as encrypted ZIP file with p/w 'dangerous' (no quotes). have fun. ----- Forwarded message from woods () ciudad com ar ----- [[ note this posting is CC'ed to BUGTRAQ. I know of no current exploits in BIND-8.2.3, but even so since I'm also enclosing a fix there may be quite a few people who might want to be able to fix their own versions. ]] The so-called "support" fix in change 999 of BIND-8.2.3 introduces some unnecessary, and potentially very dangerous fchown() calls to named. The worst one is the one that leaves the pid-file writable by the supposedly ----- End forwarded message ----- -- martin; (greetings from the heart of the sun.) \____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@madduck keyserver problems? http://keyserver.kjsl.com/~jharris/keyserver.html get my key here: http://madduck.net/me/gpg/publickey "i doubt larry wall ever uses strict." -- frederick heckel
Attachment:
attach.zip
Description:
Attachment:
_bin
Description:
Current thread:
- Fwd: PATCH to BIND-8.2.3 to get rid of the, unnecessary, and potentially dangerous fchown() calls martin f krafft (Jun 06)