From: madduck at madduck.net (martin f krafft)
Subject: Fwd: PATCH to BIND-8.2.3 to get rid of the, unnecessary, and potentially dangerous fchown() calls

This just came in. It seems like a virus, if you ask me; there was
a file application/ms-download attached, named photo.exe. My virus
scanners did not detect anything, but since I haven't seen this
before, I thought I'd let you know.

Original attachment attached as encrypted ZIP file with p/w
'dangerous' (no quotes).

have fun.

----- Forwarded message from woods@...dad.com.ar -----

[[ note this posting is CC'ed to BUGTRAQ.  I know of no current exploits
in BIND-8.2.3, but even so since I'm also enclosing a fix there may be
quite a few people who might want to be able to fix their own versions. ]]

The so-called "support" fix in change 999 of BIND-8.2.3 introduces some
unnecessary, and potentially very dangerous fchown() calls to named.

The worst one is the one that leaves the pid-file writable by the
supposedly 

----- End forwarded message -----

-- 
martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@...duck
 
keyserver problems? http://keyserver.kjsl.com/~jharris/keyserver.html
get my key here: http://madduck.net/me/gpg/publickey
 
"i doubt larry wall ever uses strict."
                                                   -- frederick heckel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: attach.zip
Type: application/zip
Size: 48631 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030606/504acbf8/attach.zip
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030606/504acbf8/attachment.bin
