Security Incidents mailing list archives
Re: Lion Worm/crew.tgz/suspect bind versions
From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Tue, 27 Mar 2001 10:28:30 -0500
On Tue, 27 Mar 2001 10:10:21 +0300, Lucian Hudin said:
Bind 8.1.2 isn't vulnerable, and still widely used. Sometimes people downgrade from 8.2.x to 8.1.2.
It isn't vulnerable to *this* bug. Note that the TSIG bug and the recent off-by-one error were both listed as [bug] rather than [security] in the BIND src/CHANGES file. You might want to look at http://www.cert.org/advisories/CA-1999-14.html and see if you can convince yourself that BIND 8.1.2 is immune to all 6 attacks listed. You may also want to look at ftp://ftp.auscert.org.au/pub/auscert/advisory/AL-1999.004.dns_dos which notes that BIND 8.2.1 requires a patch to fix another issue... Other than all *those* problems, yes, I guess 8.1.2 *is* secure. ;) -- Valdis Kletnieks Operating Systems Analyst Virginia Tech
Attachment:
_bin
Description:
Current thread:
- Re: Lion Worm/crew.tgz, (continued)
- Re: Lion Worm/crew.tgz John Jasen (Mar 26)
- Re: Lion Worm/crew.tgz Cooper (Mar 26)
- Re: Lion Worm/crew.tgz John Jasen (Mar 26)
- Re: Lion Worm/crew.tgz Daniel Martin (Mar 26)
- Re: Lion Worm/crew.tgz Cooper (Mar 26)
- Message not available
- Re: Lion Worm/crew.tgz Chris Keladis (Mar 26)
- Re: Lion Worm/crew.tgz Cooper (Mar 26)
- Re: Lion Worm/crew.tgz John Jasen (Mar 26)
- Lion Worm/crew.tgz/suspect bind versions Lawrence Frewin of Accommodation.com (Mar 24)
- Re: Lion Worm/crew.tgz/suspect bind versions Valdis Kletnieks (Mar 26)
- Re: Lion Worm/crew.tgz/suspect bind versions Lucian Hudin (Mar 27)
- Re: Lion Worm/crew.tgz/suspect bind versions Valdis Kletnieks (Mar 27)