[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Whom the BIND newest vulnerability concerns?

On Fri, Nov 12, 1999 at 02:06:23PM +0100, Tomasz Papszun wrote:

> the slink (stable) version of bind (1:8.1.2­5) is relatively old and -
> according to 
> http://www.isc.org/products/BIND/bind-security-19991108.html
> - it contains a few security bugs. 
> The newest vulnerability _may_ lead to remote root compromise.
> Is a corrected package expected?
> I'm a little scared of this latest bug... It is connected with "the
> processing of NXT records". I haven't managed to find a clear description
> of this type (NXT) records; seems this is quite new type. 

AIUI NXT support was only introduced in 8.2, so 8.1 should be immune to
this attack, however I think it's vulnerable to at least some of the


So long, and thanks for all the fish.                                   
This .sig was brought to you by the letter G and the numbers 5 & 20
Product of the Republic of HuggieTag

Reply to: