Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: yes, there's another hole in BIND
From: barr () pop psu edu (David Barr)
Date: Fri, 22 Jul 1994 15:09:49 -0400

In message <9407221351.AA24121 () rwing UUCP>, Pat Myrto writes:

Security through obscurity is alive and well here, too, I see.  Therefore
the crackers who are exploiting the hole have the guaranteed knowlege
that all users of DNS are vulnerable.


Do they now?  Anyone watching the IN-ADDR.ARPA. stuff flying around the
net has got to have at least one synapse left to put 2+2 together and
figure out there's a security problem and what it is.


Great.

Perhaps more than ONE head working on the problem might be a good idea?
Surely there is more than ONE person that can devise a fix...


There are several people on the bind-workers list who actively (i mean
post patches within hours and minutes of new releases) support vix
on BIND.  There is by no means ONE person working on BIND, and I'm
confident that there are people on bind-workers who are familiar
enough with the issues and the code to either provide a fix or to
confirm vix's fix.

--Dave

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]