Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY LINKS NEWS MAN DOCUMENTATION

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>

Date: Wed, 10 Nov 1999 13:55:25 -0800
From: Elias Levy <[email protected]>
To: [email protected]
Subject: BIND NXT Bug Vulnerability

http://www.isc.org/products/BIND/bind-security-19991108.html


Name: "nxt bug"

   Versions affected:     8.2, 8.2 patchlevel 1, 8.2.1
   Severity:     CRITICAL
   Exploitable:     Remotely
   Type:     Access possible

Description:

   A bug in the processing of NXT records can theoretically allow an
   attacker to gain access to the system running the DNS server at
   whatever privilege level the DNS server runs at.

Workarounds:

   None.

Active Exploits:

   At this time, ISC is unaware of any active exploits of this
   vulnerability however given the potential access this vulnerability
   represents, it is probable scripts will be created in the near future
   that make use of this vulnerability.

--
Elias Levy
Security Focus
http://www.securityfocus.com/

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>

Партнёры:

Хостинг: