Re: [atlarge-discuss] Serious Flaws Found in BIND Server Software

["J-F C. (Jefsey) Morfin" <jefsey@club-internet.fr>]

Right now only djbdns and Bind 9.3 should be used. The mere fact that a 
large number of Bind 4 are still in use shows the difficulty to consider 
the Internet as a network. This is the real challenge of the White House 
Cyberspace Security team. And ours. jfc



On 04:37 13/11/02, Sotiris Sotiropoulos said:

> http://www.eweek.com/article2/0,3959,696200,00.asp
>
> "Security researchers have discovered several serious new
> vulnerabilities in the BIND software that runs on the vast
> majority of the Internet's DNS servers. The most serious
> flaw, a buffer overrun in both BIND 4 and BIND 8, enables
> an attacker to execute arbitrary code on a vulnerable
> server.
>
> The Internet Software Consortium, which maintains the free
> BIND (Berkeley Internet Name Domain) software, has
> released patches for both affected versions. "
>
>
> Sincerely,
>
> Sotiris Sotiropoulos
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: atlarge-discuss-unsubscribe@lists.fitug.de
> For additional commands, e-mail: atlarge-discuss-help@lists.fitug.de
>
>
>
> ---
> Incoming mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.410 / Virus Database: 231 - Release Date: 31/10/02
---------------------------------------------------------------------
To unsubscribe, e-mail: atlarge-discuss-unsubscribe@lists.fitug.de
For additional commands, e-mail: atlarge-discuss-help@lists.fitug.de