Security Incidents mailing list archives
Bind 9.2.X exploit???
From: ilker "güvercin" <holy () linuxmail org>
Date: 25 Jul 2002 01:05:05 -0000
I found a tool on my compramised machine called bind9 and the source code is still there. its made by team teso bind9 Exploit by by scut of teso [http://teso.scene.at/]... Usage: ./bind remote_addr domainname target_id Targets: 0 - Linux RedHat 6.0 (9.2.x) 1 - Linux RedHat 6.2 (9.2.x) 2 - Linux RedHat 7.2 (9.2.x) 3 - Linux Slackware 8.0 (9.2.x) 4 - Linux Debian (all) (9.2.x) 5 - FreeBSD 3.4 (8.2.x) 6 - FreeBSD 3.5 (8.2.x) 7 - FreeBSD 4.x (8.2.x) Example usage: $ host -t ns domain.com domain.com name server dns1.domain.com $ ./bind9 dns1.domain.com domain.com 0 [..expl output..] I didnt test it; its workin or not. Anybody have knowlegde about this.Sorry for my poor english:) if anyone wanna test it I can send the source code. holy () linuxmail org ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Bind 9.2.X exploit??? güvercin (Jul 24)
- Re: Bind 9.2.X exploit??? Patrick Andry (Jul 25)
- Re: Bind 9.2.X exploit??? David Conrad (Jul 25)
- Re: Bind 9.2.X exploit??? Jim Clausing (Jul 25)
- Re: Bind 9.2.X exploit??? David Conrad (Jul 25)
- Surge of attacks on ports 61127 & 61134 Joseph (Jul 25)
- Re: Bind 9.2.X exploit??? Patrick Andry (Jul 25)
- Re: Bind 9.2.X exploit??? Alexandru Balan (Jul 26)
- Re: Bind 9.2.X exploit??? David Carmean (Jul 26)
- <Possible follow-ups>
- Re: Bind 9.2.X exploit??? Muhammad Faisal Rauf Danka (Jul 25)
- Re: Bind 9.2.X exploit??? Sebastian (Jul 25)