lug-bg: Bind8 vulnerability
I suppose not many people are still on bind8 or bind4, but I'll mention it anyway:

http://www.isc.org/products/BIND/bind-security.html

There is a new security problem in bind8 and bind4 for which ISC has not published patches, and apparently the plan is to wait for all vendors to release patched versions, at least according to what is written there. Besides that, they (and I too :) ) recommend that everyone upgrade to bind9.2.1, which does not have this problem. Apart from everything else, bind9 has a far better security record than bind8, maybe because it was totally rewritten :)

... :) For God's sake, brothers, upgrade, because the next interesting worm may come out of this.

A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: Bind8 vulnerability
In reply to Васил Колев <[EMAIL PROTECTED]>:

> I suppose not many people are still on bind8 or bind4, but I'll mention it anyway:
>
> http://www.isc.org/products/BIND/bind-security.html
>
> There is a new security problem in bind8 and bind4 for which ISC has not published patches, and apparently the plan is to wait for all vendors to release patched versions, at least according to what is written there. Besides that, they (and I too :) ) recommend that everyone upgrade to bind9.2.1, which does not have this problem. Apart from everything else, bind9 has a far better security record than bind8, maybe because it was totally rewritten :)

The fact that it was rewritten is perhaps the best news and makes my question somewhat pointless, but considering that BIND has started to resemble Sendmail and WU-FTP in the frequency and severity of its bugs, isn't there some lighter and more reliable alternative to BIND?

Rgds,
Andrei
Re: lug-bg: Bind8 vulnerability
Andrei Boyanov andrei-at-refer.bg |lug-bg/1.0-Allow| wrote:

> The fact that it was rewritten is perhaps the best news and makes my question somewhat pointless, but considering that BIND has started to resemble Sendmail and WU-FTP in the frequency and severity of its bugs, isn't there some lighter and more reliable alternative to BIND? Rgds,

Without being an expert who can judge, quite a few people say that djbdns is much more secure. The author, however, is a bit of a peculiar character.

http://cr.yp.to/djbdns.html

--JS
Re: lug-bg: Bind8 vulnerability
Hi!

You can take a look at djbdns.
http://cr.yp.to/djbdns.html

Rado

> The fact that it was rewritten is perhaps the best news and makes my question somewhat pointless, but considering that BIND has started to resemble Sendmail and WU-FTP in the frequency and severity of its bugs, isn't there some lighter and more reliable alternative to BIND?
>
> Rgds,
> Andrei
Re: lug-bg: Bind8 vulnerability
Andrei Boyanov wrote:

>> Apart from everything else, bind9 has a far better security record than bind8, maybe because it was totally rewritten :)
>
> The fact that it was rewritten is perhaps the best news and makes my question somewhat pointless, but considering that BIND has started to resemble Sendmail and WU-FTP in the frequency and severity of its bugs, isn't there some lighter and more reliable alternative to BIND?

Here is a list of DNS software:
http://cr.yp.to/djbdns/other.html

--
Georgi Kupenov [EMAIL PROTECTED]
Re: lug-bg: Bind8 vulnerability
http://cr.yp.to/djbdns/guarantee.html - well, DJB is not loved by the whole nation, but :)
http://sourceforge.net/projects/dents/
http://www.maradns.org/
http://customdns.sourceforge.net/
http://www.stanford.edu/~riepel/lbnamed/

--
Take care
Boris Jordanov (borj) <[EMAIL PROTECTED]>
ICQ 10751645
PGP-key-fingerprint:-- CB23 8B52 5FBC F36A 1B61 F1ED 2831 E52D AAFF 7B08
Public-key:--- http://borj.freeshell.org/borj.asc
To err is human... to really foul up requires the root password.
Re: lug-bg: Bind8 vulnerability
----- Original Message -----
From: "Andrei Boyanov" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, November 13, 2002 10:29 AM
Subject: Re: lug-bg: Bind8 vulnerability

> In reply to Васил Колев <[EMAIL PROTECTED]>:
>
> > I suppose not many people are still on bind8 or bind4, but I'll mention it anyway:
> >
> > http://www.isc.org/products/BIND/bind-security.html
> >
> > There is a new security problem in bind8 and bind4 for which ISC has not published patches, and apparently the plan is to wait for all vendors to release patched versions, at least according to what is written there. Besides that, they (and I too :) ) recommend that everyone upgrade to bind9.2.1, which does not have this problem. Apart from everything else, bind9 has a far better security record than bind8, maybe because it was totally rewritten :)
>
> The fact that it was rewritten is perhaps the best news and makes my question somewhat pointless, but considering that BIND has started to resemble Sendmail and WU-FTP in the frequency and severity of its bugs, isn't there some lighter and more reliable alternative to BIND?
>
> Rgds,
>
> Andrei

DJBDNS! From the author of Qmail. Small, fast, easy to configure.

http://www.djbdns.org
http://www.lifewithdjbdns.com
http://cr.yp.to/djbdns.html
http://cr.yp.to/djbdns/guarantee.html
RE: lug-bg: Bind8 vulnerability
Since I see that the workaround for the bugs in 8.3.3 is "Disable recursion if possible", restricting it to known networks only, via:

    acl insidenets { xxx.xxx.xxx.xxx/xx; };   // known networks only
    options {
        // ...
        allow-recursion { insidenets; };
        // ...
    };

in named.conf, should do (a certain amount of) the job.

Best e-gards,
Georgi Sinapov

-----Original Message-----
From: Васил Колев [mailto:vasil@;bastun.net]
Sent: Tuesday, November 12, 2002 8:40 PM
To: [EMAIL PROTECTED]
Subject: lug-bg: Bind8 vulnerability

I suppose not many people are still on bind8 or bind4, but I'll mention it anyway:

http://www.isc.org/products/BIND/bind-security.html
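As an added example (not part of the thread or of BIND), a small audit of named.conf text for the recursion workaround discussed above: it reports whether recursion is disabled, limited to named networks, left unrestricted, or tied to an ACL name that is never defined. The function names and sample configurations are constructed for illustration, and it assumes that a config with neither `recursion no` nor `allow-recursion` leaves recursion open to everyone.

```python
import re

BUILTIN_ACLS = {"any", "none", "localhost", "localnets"}  # predefined by BIND

def strip_comments(text):
    """Drop /* */, // and # comments so commented-out statements are ignored."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", text)

def audit_recursion(conf):
    """Return (status, detail) describing who may recurse per this named.conf text."""
    conf = strip_comments(conf)
    if re.search(r"\brecursion\s+no\s*;", conf):
        return ("ok", "recursion disabled")
    match = re.search(r"\ballow-recursion\s*\{([^}]*)\}", conf)
    if match is None:
        return ("open", "no allow-recursion statement")
    defined = set(re.findall(r'\bacl\s+"?([\w.-]+)"?\s*\{', conf)) | BUILTIN_ACLS
    allowed, undefined = [], []
    for element in match.group(1).split(";"):
        element = element.strip().strip('"')
        if not element or element.startswith("!"):
            continue  # empty piece or a deny entry: grants nothing
        is_address = element[0].isdigit() or ":" in element
        if not is_address and element not in defined:
            undefined.append(element)
        allowed.append(element)
    if undefined:
        return ("error", "undefined ACL: " + ", ".join(undefined))
    if "any" in allowed:
        return ("open", "allow-recursion includes any")
    return ("ok", "recursion limited to: " + ", ".join(allowed))

# Constructed sample configurations (192.0.2.0/24 is a documentation range).
MISMATCHED = """
acl insidenet { 192.0.2.0/24; };
options {
    allow-recursion { insidenets; };   # name differs from the acl above
};
"""
FIXED = MISMATCHED.replace("acl insidenet ", "acl insidenets ")
NO_LIMIT = 'options { directory "/var/named"; };'

if __name__ == "__main__":
    for name, conf in [("mismatched", MISMATCHED), ("fixed", FIXED), ("no limit", NO_LIMIT)]:
        print(name, "->", audit_recursion(conf))
```

The parser is deliberately simple: it does not follow `include` files or nested address match lists, so treat an "ok" result as a first check and confirm with the server's own configuration checker and a recursive query from an outside address.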
RE: lug-bg: Bind8 vulnerability
debian released an advisory and fixes

Debian Security Advisory DSA 196-1          [EMAIL PROTECTED]
http://www.debian.org/security/             Daniel Jacobowitz
November 14th, 2002                         http://www.debian.org/security/faq

Package        : bind
Vulnerability  : several
Problem-Type   : remote
Debian-specific: no
CVE Id         : CAN-2002-1219 CAN-2002-1220 CAN-2002-1221
CERT advisory  : VU#844360 VU#852283 VU#229595 VU#542971

[Bind version 9, the bind9 package, is not affected by these problems.]

ISS X-Force has discovered several serious vulnerabilities in the Berkeley Internet Name Domain Server (BIND). BIND is the most common implementation of the DNS (Domain Name Service) protocol, which is used on the vast majority of DNS servers on the Internet. DNS is a vital Internet protocol that maintains a database of easy-to-remember domain names (host names) and their corresponding numerical IP addresses.

Circumstantial evidence suggests that the Internet Software Consortium (ISC), maintainers of BIND, was made aware of these issues in mid-October. Distributors of Open Source operating systems, including Debian, were notified of these vulnerabilities via CERT about 12 hours before the release of the advisories on November 12th. This notification did not include any details that allowed us to identify the vulnerable code, much less prepare timely fixes.

Unfortunately ISS and the ISC released their security advisories with only descriptions of the vulnerabilities, without any patches. Even though there were no signs that these exploits are known to the black-hat community, and there were no reports of active attacks, such attacks could have been developed in the meantime - with no fixes available.

We can all express our regret at the inability of the ironically named Internet Software Consortium to work with the Internet community in handling this problem. Hopefully this will not become a model for dealing with security issues in the future.
The Common Vulnerabilities and Exposures (CVE) project identified the following vulnerabilities:

1. CAN-2002-1219: A buffer overflow in BIND 8 versions 8.3.3 and earlier allows a remote attacker to execute arbitrary code via a certain DNS server response containing SIG resource records (RR). This buffer overflow can be exploited to obtain access to the victim host under the account the named process is running with, usually root.

2. CAN-2002-1220: BIND 8 versions 8.3.x through 8.3.3 allows a remote attacker to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size.

3. CAN-2002-1221: BIND 8 versions 8.x through 8.3.3 allows a remote attacker to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.

These problems have been fixed in version 8.3.3-2.0woody1 for the current stable distribution (woody), in 8.2.3-0.potato.3 for the previous stable distribution (potato) and in version 8.3.3-3 for the unstable distribution (sid). The fixed packages for unstable will enter the archive today.

We recommend that you upgrade your bind package immediately, update to bind9, or switch to another DNS server implementation.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian 2.2 (oldstable)

Oldstable was released for alpha, arm, i386, m68k, powerpc and sparc.
RE: lug-bg: Bind8 vulnerability
Which would have come out a lot earlier, if it weren't for the wild behaviour on ISC's part, with the announcements 12 hours before they had warned everyone, and they delayed the patches too... Although, seeing that ISS is mixed up in this again, it reminds me of the goings-on around the problems with apache and sshd.

On Thu, 2002-11-14 at 19:27, Boyan Krosnov wrote:
> debian released an advisory and fixes
>