Security update for BIND
Knowledgebase
(Last modified: 13NOV2002)
solutions Security update for BIND SuSE Linux Maintenance Web (e938d7fb69a6dd9b6bd1ec005862d172)
SuSE Linux Admin-CD for Firewall
SuSE Linux Enterprise Server 7 for IBM zSeries
SuSE eMail Server III
SuSE Linux Enterprise Server 7 for PowerPC
SuSE Firewall on CD 2 - VPN
SuSE Linux Enterprise Server 7 for IA32
SuSE Linux Enterprise Server 7 for IA64
SuSE Linux Enterprise Server 7 for S/390 and zSeries
SuSE Linux Enterprise Server for S/390
SuSE eMail Server 3.1
SuSE Linux Office Server
SuSE Firewall Adminhost VPN
SuSE Firewall on CD 2
SuSE Linux Connectivity Server
Package: bind8
bindutil
Release: 20021113
Obsoletes: none
BIND8
name server.ISC
, authors of the BIND
domain name server, have publishedtwo advisories on vulnerabilities in the
BIND8
nameserver.
- There is a buffer overflow in the way named handles
SIG
records. This buffer overflow can be exploited to obtain access to the victim host under the account the named process is running with. In all SuSE products, named is configured to run as used "named". - There are several Denial Of Service problems in
BIND8
that allow remote attackers to terminate the named process.
ISC
. rcnamed stop rpm -Uvh bind8.rpm bindutil.rpm rcnamed start
Download Source Packages
Download the source code of the patches for maintained products.
Disclaimer
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.