older security bug in bind?
David R. Conrad
David.Conrad at nominum.com
Wed May 3 22:49:45 UTC 2000
Hi,
> I run the latest versin of bind on our nameservers,
> but I did have a caching only ns running bind 8.2-6
>
> Somehow someone did get access to the box by some process I am not
> sure of, I just suspect named.
There are several scripts which exploit the NXT bug that are currently
floating around the Internet. If you are running BIND version 8.2, 8.2
patchlevel 1, or 8.2.1, you are _extremely_ vulnerable.
> is it possible that this older version of bind could allow someone to
> do that.. it was running via default settings.. (root)
Yes. I would also recommend running named as non-root.
Rgds,
-drc
More information about the bind-users
mailing list