[<prev] [next>] [day] [month] [year] [list]
From: madduck at madduck.net (martin f krafft)
Subject: Fwd: PATCH to BIND-8.2.3 to get rid of the, unnecessary, and potentially dangerous fchown() calls
This just came in. It seems like a virus, if you ask me, there was
a file application/ms-download attached, named photo.exe. My virus
scanners did not detect anything, but since I haven't seen this
before, I thought I'd let you know.
Original attachment attached as encrypted ZIP file with p/w
'dangerous' (no quotes).
have fun.
----- Forwarded message from woods@...dad.com.ar -----
[[ note this posting is CC'ed to BUGTRAQ. I know of no current exploits
in BIND-8.2.3, but even so since I'm also enclosing a fix there may be
quite a few people who might want to be able to fix their own versions. ]]
The so-called "support" fix in change 999 of BIND-8.2.3 introduces some
unnecessary, and potentially very dangerous fchown() calls to named.
The worst one is the one that leaves the pid-file writable by the
supposedly
----- End forwarded message -----
--
martin; (greetings from the heart of the sun.)
\____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@...duck
keyserver problems? http://keyserver.kjsl.com/~jharris/keyserver.html
get my key here: http://madduck.net/me/gpg/publickey
"i doubt larry wall ever uses strict."
-- frederick heckel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: attach.zip
Type: application/zip
Size: 48631 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030606/504acbf8/attach.zip
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030606/504acbf8/attachment.bin
Powered by blists - more mailing lists