[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

(fwd) [CLSA-2000:338] Conectiva Linux Security Announcement - bind

To: linux-delhi@xxxxxxxxxxxxxxxxxxxxx, linux-india-help@xxxxxxxxxxxxxxxxxxxxx
Subject: (fwd) [CLSA-2000:338] Conectiva Linux Security Announcement - bind
From: Raju Mathur <raju@xxxxxxxxxxxxxxx>
Date: Sat, 11 Nov 2000 09:36:47 +0530 (IST)
Reply-to: raju@xxxxxxxxxxxxxxx

[All bind's are vulnerable to this Denial-of-Service (DoS) attack.
Please upgrade, whatever your distribution -- Raju]

This is an RFC 1153 digest.
(1 message)
----------------------------------------------------------------------

Return-Path: <BUGTRAQ@xxxxxxxxxxxxxxxxx>
Approved-By: aleph1@xxxxxxxxxxxxxxxxx
Delivered-To: bugtraq@xxxxxxxxxxxxxxxxxxxxxxx
X-Mailer: SAC - Sistema de Anuncios Conectiva v1.1 (PHP/3.0.18)
Message-ID:  <200011101955.RAA02517@xxxxxxxxxxxxxxxxxxxxxxxx>
Reply-To: secure@xxxxxxxxxxxxxxxx
X-To:         lwn@xxxxxxx, security-alert@xxxxxxxxxxxxxxxxx,
              linuxlist@xxxxxxxxxxxxxxxxxx
From: secure@xxxxxxxxxxxxxxxx
Sender: Bugtraq List <BUGTRAQ@xxxxxxxxxxxxxxxxx>
To: BUGTRAQ@xxxxxxxxxxxxxxxxx
Subject:      [CLSA-2000:338] Conectiva Linux Security Announcement - bind
Date:         Fri, 10 Nov 2000 17:55:58 -0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -----------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT
- -----------------------------------------------------------------------

PACKAGE   : bind
SUMMARY   : DoS vulnerability in zone transfers
DATE      : 2000-11-10 17:50:00
ID        : CLSA-2000:338
RELEVANT
RELEASES  : 4.0, 4.0es, 4.1, 4.2, 5.0, prg gráficos, ecommerce, 5.1

- ----------------------------------------------------------------------

DESCRIPTION
 The bind nameserver has a vulnerability regarding compressed zone
 tansfers that can be used in a DoS attack. This vulnerability can
 only be exploited by authorized zone transfers.
 The named daemon will crash if it receives such a zone transfer
 request from an authorized source address. The crash can be immediate
 or happen after a few seconds or minutes, and results in a disabled
 DNS service.


SOLUTION
 All users of the bind package should upgrade immediately.
 Packages for Conectiva Linux 5.0 and below now also have the named
 daemon running as user "named" instead of root.
 Updated bind-chroot packages are also available for Conectiva Linux
 5.1 users.

 After updating the packages, and if the previous version is running,
 issue the following command as root in order to run the new copy of
 named:

 /etc/rc.d/init.d/named restart


DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES
ftp://atualizacoes.conectiva.com.br/4.0/SRPMS/bind-8.2.2P7-1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/bind-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/bind-devel-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/bind-doc-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/bind-utils-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/SRPMS/bind-8.2.2P7-1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/bind-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/bind-devel-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/bind-doc-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/bind-utils-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/SRPMS/bind-8.2.2P7-1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/bind-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/bind-devel-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/bind-doc-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/bind-utils-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/bind-8.2.2P7-1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/bind-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/bind-devel-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/bind-doc-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/bind-utils-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/bind-8.2.2P7-1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/bind-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/bind-devel-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/bind-doc-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/bind-utils-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/bind-8.2.2P7-1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/bind-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/bind-devel-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/bind-doc-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/bind-utils-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/bind-chroot-8.2.2_P7-2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/bind-chroot-8.2.2_P7-2cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/bind-8.2.2P7-1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/bind-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/bind-devel-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/bind-doc-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/bind-utils-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/bind-8.2.2P7-1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/bind-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/bind-devel-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/bind-doc-8.2.2P7-1cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/bind-utils-8.2.2P7-1cl.i386.rpm


- ----------------------------------------------------------------------
All packages are signed with Conectiva's GPG key. The key can be
obtained at http://www.conectiva.com.br/contato

- -----------------------------------------------------------------------
All our advisories and generic update instructions can be viewed at
http://www.conectiva.com.br/suporte/atualizacoes

- ----------------------------------------------------------------------
subscribe: atualizacoes-anuncio-subscribe@xxxxxxxxxxxxxxxxxxxxxxxxxxx
unsubscribe: atualizacoes-anuncio-unsubscribe@xxxxxxxxxxxxxxxxxxxxxxxxxxx
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE6DFLN42jd0JmAcZARAuT/AKDoZoIQUFEXCn406349r6ZMAYYZ1ACglGgi
T+VJkDlo1dnMj/rKOXgHWo4=
=k2jZ
-----END PGP SIGNATURE-----

------------------------------

End of this Digest
******************

Prev by Subject: (COMMERCIAL) - Accounting + Programming knowledge
Next by Subject: (fwd) [RHSA-2000:072-07] Updated gnorpm packages are available for Red Hat Linux 6.1, 6.2, and 7.0
Previous by thread: (fwd) [RHSA-2000:075-07] Updated usermode packages available
Next by thread: WHY LINUX COMPANIES GO BROKE?
Index(es):
- Subject
- Thread