is bind-8.2.2p7 vulnerable?

Brad Knowles brad.knowles at skynet.be
Mon May 7 17:25:23 UTC 2001


At 1:09 PM -0400 5/7/01, Sergey Nikolaev wrote:

>  Does bind-8.2.2p7 have vulnerabilities mentioned in the cert advisories,

	Yup.

>  or 'p7' fixes them?

	Nope.  Upgrade to 8.2.3-REL at the very least, or preferably to 
8.2.4 (released today, I believe), or ideally to 9.1.2 (released last 
week).

-- 
Brad Knowles, <brad.knowles at skynet.be>

/*        efdtt.c  Author:  Charles M. Hannum <root at ihack.net>          */
/*       Represented as 1045 digit prime number by Phil Carmody         */
/*     Prime as DNS cname chain by Roy Arends and Walter Belgers        */
/*                                                                      */
/*     Usage is:  cat title-key scrambled.vob | efdtt >clear.vob        */
/*   where title-key = "153 2 8 105 225" or other similar 5-byte key    */

dig decss.friet.org|perl -ne'if(/^x/){s/[x.]//g;print pack(H124,$_)}'


More information about the bind-users mailing list