bind8, libpcap, tcpdump

Dan Osterrath do3 at mail.inf.tu-dresden.de
Thu Nov 14 04:53:31 PST 2002


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Although these packages are not listed in the BLFS book I wanna give a hint for everyone using these packages:

In bind 4 and bind 8 there are several vulnerabilities. 
http://www.isc.org/products/BIND/bind-security.html
http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469
http://www.cert.org/advisories/CA-2002-31.html

And in libpcap and tcpdump might be a trojan horse when downloaded from http://tcpdump.org
http://www.heise.de/newsticker/data/pab-13.11.02-002/
http://www.cert.org/advisories/CA-2002-30.html

- -- 
- ----------------------------------------------------------------------
%> ln -s /dev/null /dev/brain
%> ln -s /dev/urandom /dev/world
%> dd if=/dev/world of=/dev/brain
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE905zO9NbB8EM160MRAmUDAKC6lv/an1e7vmyDPNzwiEJWrbF5qwCeKiEh
rsAEODL4P2VXooWr57hTzfs=
=LNs5
-----END PGP SIGNATURE-----

-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-security' in the subject header of the message



More information about the lfs-security mailing list