From owner-freebsd-hackers Tue Nov 19 17:15:21 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id RAA21186 for hackers-outgoing; Tue, 19 Nov 1996 17:15:21 -0800 (PST) Received: from pdx1.world.net (pdx1.world.net [192.243.32.18]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id RAA21172; Tue, 19 Nov 1996 17:15:15 -0800 (PST) Received: from suburbia.net (suburbia.net [203.4.184.1]) by pdx1.world.net (8.7.5/8.7.3) with ESMTP id RAA19552; Tue, 19 Nov 1996 17:13:56 -0800 (PST) Received: (proff@localhost) by suburbia.net (8.7.4/Proff-950810) id MAA12392; Wed, 20 Nov 1996 12:13:33 +1100 From: Julian Assange Message-Id: <199611200113.MAA12392@suburbia.net> Subject: Re: Serious BIND resolver problem. (fwd) To: brian@mail.vividnet.com (Brian Wang) Date: Wed, 20 Nov 1996 12:13:33 +1100 (EST) Cc: freebsd-hackers@freebsd.org, freebsd-security@freebsd.org In-Reply-To: from "Brian Wang" at Nov 19, 96 03:24:44 pm X-Mailer: ELM [version 2.4 PL23] Content-Type: text Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > > > > On Tue, 19 Nov 1996, S(pork) wrote: > > > >From your friendly neighborhood paranoia victim comes yet another loaded > > question... > > > > I got this little advisory (thankfully without an exploit) today, and it's > > got me all worried. It's a problem in the whole gethostbyname call that > > allows (supposedly) local and remote users to gain root access using a > > variety of programs that rely on the gethostbyname call. So I downloaded > > BIND-4.9.3-REL which fixes all of this; and then I read the README in the > > BSD directory, got thoroughly confused, and posted my root password to > > #hack on irc. (kidding). Now this does not appear to be a simple feat > > (hence my posting to -questions and -security; security people can look at > > it and laugh, and questions can tell me all about "diff-ing my source > > tree" and "manually updating includes (which you may or may not have to > > do)." So my question is this; could anyone who's already updated this > > give me some advice or some pointers to this procedure?? The site > > carrying 4.9.3-REL is over at: ftp.vix.com/pub/bind/release > > > > Thanks All, > > > > Charles > > Charles, > > I think 4.9.5-REL over at ftp.vix.com/pub/bind/release/4.9.5 is > what you are looking for, and as suggested by the advisory. I just > updated our 2 name servers this morning, and all I did is make, and then > make install. > > Sincerely, > > Brian > it isn't the name servers you need to upgrade, it is the resolver libraries. -- "Of all tyrannies a tyranny sincerely exercised for the good of its victims may be the most oppressive. It may be better to live under robber barons than under omnipotent moral busybodies, The robber baron's cruelty may sometimes sleep, his cupidity may at some point be satiated; but those who torment us for own good will torment us without end, for they do so with the approval of their own conscience." - C.S. Lewis, _God in the Dock_ +---------------------+--------------------+----------------------------------+ |Julian Assange RSO | PO Box 2031 BARKER | Secret Analytic Guy Union | |proff@suburbia.net | VIC 3122 AUSTRALIA | finger for PGP key hash ID = | |proff@gnu.ai.mit.edu | FAX +61-3-98199066 | C7F81C2AA32D7D4E4D360A2ED2098E0D | +---------------------+--------------------+----------------------------------+