Does this patch work with just plain ole 'bind' (not bind9)? That package also seems vulnerable...
Micah Patrik Wallstrom wrote: > Package: bind9 > Version: 1:9.3.2-2.1 > Severity: normal > Tags: patch > > > http://www.niscc.gov.uk/niscc/docs/re-20060905-00590.pdf?lang=en > > Since most BIND installations are also open recursive resolvers, it is too > easy to shoot down the named process from anywhere. > > Source: > ftp://ftp.isc.org/isc/bind9/9.3.2-P1/bind-9.3.2-P1.tar.gz > ftp://ftp.isc.org/isc/bind9/9.3.2-P1/bind-9.3.2-P1.tar.gz.asc > ftp://ftp.isc.org/isc/bind9/9.3.2-P1/bind-9.3.2-P1.tar.gz.sha256.asc > ftp://ftp.isc.org/isc/bind9/9.3.2-P1/bind-9.3.2-P1.tar.gz.sha512.asc > > Public key from here: > http://www.isc.org/about/openpgp/pgpkey2006.txt > > -- System Information: > Debian Release: testing/unstable > APT prefers unstable > APT policy: (990, 'unstable') > Architecture: i386 (i686) > Shell: /bin/sh linked to /bin/bash > Kernel: Linux 2.6.13.2 > Locale: LANG=en, LC_CTYPE=sv_SE (charmap=UTF-8) (ignored: LC_ALL set to > en_US.UTF-8) > > Versions of packages bind9 depends on: > ii adduser 3.97 Add and remove users and groups > ii libbind9-0 1:9.3.2-2.1 BIND9 Shared Library used by BIND > ii libc6 2.3.6.ds1-4 GNU C Library: Shared libraries > ii libdns21 1:9.3.2-2.1 DNS Shared Library used by BIND > ii libisc11 1:9.3.2-2.1 ISC Shared Library used by BIND > ii libisccc0 1:9.3.2-2.1 Command Channel Library used by > BI > ii libisccfg1 1:9.3.2-2.1 Config File Handling Library > used > ii liblwres9 1:9.3.2-2.1 Lightweight Resolver Library > used > ii libssl0.9.8 0.9.8b-2 SSL shared libraries > ii lsb-base 3.1-15 Linux Standard Base 3.1 init > scrip > ii netbase 4.26 Basic TCP/IP networking system > > bind9 recommends no packages. > > -- no debconf information > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
