Problem with bind-8.2.2 - security...

Peter Rose peter.rose1 at ntlworld.com
Wed Feb 28 20:11:51 UTC 2001


Sounds like another hacking attack.
According to this list, since the security vulnerability in 8.2.2 was
widely publicised, every teenage hacker in town is trying to exploit it.

I was running 8.2.2.p7 on RH6.1 and that seemed to have been compromised
recently. Several other people on this list also appear to have been
attacked.

It seems you have to upgrade to at least 8.2.3.REL immediately or better
still 9.1

(good news - I compiled from source and installed for 8.2.3.REL and it
took about five minutes on RH6.1 - only complained about one zone file)

Good luck!

Peter Rose
London UK

In message <97javp$65j$1 at news.tpi.pl>, Piotr <piter021 at poczta.onet.pl>
writes
>I've got bind 8.2.2. Some beautiful morning I saw this information on my
>RH6.1 screen:
>Security: return onto stack running as UID0 EUID0, process named 7739
>and named was down.
>
>It happens many times in the past week. Can anyone help me to understand
>this information or have any idea what is going on with my named?
>
>Piotr
>
>
>

"I don't like your fashion business mister" 
  - Leonard Cohen / First We Take Manhattan


More information about the bind-users mailing list