From jeffb@COBALTNET.COM Fri Dec 24 02:44:55 1999
From: Jeff Bilicki
Resent-From: mea culpa
To: BUGTRAQ@SECURITYFOCUS.COM
Resent-To: jericho@attrition.org
Date: Fri, 12 Nov 1999 17:08:19 -0800
Subject: [ Cobalt ] Security Advisory - Bind

Cobalt Networks -- Security Advisory -- 11.12.1999

Problem:
A bug in the processing of NXT records can theoretically allow an attacker
to gain access to the system running the DNS server at whatever privilege
level the DNS server runs at.

The full description can be found at
http://www.isc.org/products/BIND/bind-security-19991108.html

Relevant products and architectures

Product    Architecture    Vulnerable to NXT
Qube1      MIPS            no
Qube2      MIPS            no
RaQ1       MIPS            no
RaQ2       MIPS            no
RaQ3       x86             yes

RPMS:
ftp://ftp.cobaltnet.com/pub/experimental/security/rpms/bind-8.2.2_P3-C2.i386.rpm
ftp://ftp.cobaltnet.com/pub/experimental/security/rpms/bind-devel-8.2.2_P3-C2.i386.rpm
ftp://ftp.cobaltnet.com/pub/experimental/security/rpms/bind-utils-8.2.2_P3-C2.i386.rpm

SRPMS:
ftp://ftp.cobaltnet.com/pub/experimental/security/srpms/bind-8.2.2_P3-C2.src.rpm

MD5 sum                             Package Name
-------------------------------------------------------------
1cf09350860f4880423a85d27e976383    bind-8.2.2_P3-C2.i386.rpm
ec5fba0ecd6a664dcbb4e1c9439ad7a5    bind-devel-8.2.2_P3-C2.i386.rpm
85fcfb6d05e8e2e6b8a64641037a106f    bind-utils-8.2.2_P3-C2.i386.rpm

You can verify each rpm using the following command:
rpm --checksig [package]

To install, use the following command, while logged in as root:
rpm -U [package]

The package file format (pkg) for this fix is currently in testing, and
will be available in the near future.

Jeff Bilicki
Cobalt Networks
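
Added example, not part of the Cobalt advisory: a shell function that compares downloaded packages against an MD5 table laid out like the one above and fails closed on a missing file, a mismatch or an empty table, so that rpm -U only runs on files that match. The function name check_manifest and the file name sums.txt are assumptions made for this example.

```shell
#!/bin/sh
# Added example: verify downloaded packages against an "MD5  filename"
# table laid out like the one in the advisory, before running rpm -U.
# check_manifest and its arguments are hypothetical names.

# check_manifest MANIFEST DIR
# Returns 0 only if every listed file exists in DIR and its MD5 matches.
check_manifest() {
    manifest=$1
    dir=$2
    status=0
    seen=0
    # "|| [ -n ... ]" keeps a final line that lacks a trailing newline.
    while read -r want name || [ -n "$want" ]; do
        # Skip blank lines, the "MD5 sum ..." header and the dashed rule.
        case $want in
            ''|MD5|-*) continue ;;
        esac
        # Accept only a 32-digit hex value and a bare file name (no path).
        if ! printf '%s\n' "$want" | grep -Eq '^[0-9a-fA-F]{32}$'; then
            echo "BAD LINE: $want $name" >&2; status=1; continue
        fi
        case $name in
            ''|*/*) echo "BAD NAME: $name" >&2; status=1; continue ;;
        esac
        seen=$((seen + 1))
        if [ ! -f "$dir/$name" ]; then
            echo "MISSING:  $name" >&2; status=1; continue
        fi
        got=$(md5sum "$dir/$name" | cut -d' ' -f1)
        want=$(printf '%s' "$want" | tr 'A-F' 'a-f')
        if [ "$got" = "$want" ]; then
            echo "OK:       $name"
        else
            echo "MISMATCH: $name (expected $want, got $got)" >&2; status=1
        fi
    done < "$manifest"
    # A manifest with no usable entries verifies nothing: fail closed.
    [ "$seen" -gt 0 ] || status=1
    return "$status"
}

# Usage (assumed file names): save the advisory's table as sums.txt, then
#   check_manifest sums.txt . && rpm --checksig ./*.rpm && rpm -U ./*.rpm
```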