[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [linux] BIND with Linux distributions
Ca doit déjà daté ! Si ce n'est encore fait, grouillez-vous.
Le Vendredi 4 Mai 2001 13:58, vous avez écrit :
> Je pense que ceci peut en intéresser plus d'un :
>
> Linux tips for May 4, 2001
> Security alert: Have you upgraded BIND?
> The Berkeley Internet Name Domain (BIND) server that is commonly included
> with Linux distributions contains at least four known vulnerabilities that
> intruders are beginning to exploit, according to the CERT Coordination
> Center. Because BIND provides most of the domain name services for the
> Internet, these vulnerabilities could prove disastrous if system
> administrators fail to update to the latest version of BIND—and apparently,
> many have failed to do so. If you're running BIND on an internal network or
> one that's connected to the Internet, be sure to check your Linux
> distribution's support page to make sure you're running the latest version.
> For example, Red Hat is making updated BIND packages available on its site.
> Security alert: rpc.statd (NFS)
> An input validation vulnerability in the rpc.statd service enables
> intruders to gain root access to Linux systems. This service is generally
> included in the utilities provided with Network File System (NFS) support.
> If you are running NFS on your network, visit your Linux distribution's
> support page to obtain an upgraded copy of rpc.statd—and do so without
> delay. Unlike most of the vulnerabilities we warn you about, this one has
> already resulted in numerous system compromises. For more information, see
> the CERT Coordination Center's page on rpc.statd vulnerabilities.
>
>
> [ Soyez précis dans vos sujets svp afin de déterminer directement ]
> [ le type de demande... ]
> [ Pour vous (dés)inscrire, aller sur http://linuxbe.org/ml.php ]
> [ http://LinuxBe.org Contact: listmaster@linuxbe.org ]
--
Olivier Thauvin-CNRS Service Aeronomie
olivier.thauvin@aerov.jussieu.fr
Téléphone:
01 64 47 43 60 à Verrières (lundi,mercredi et vendredi)
01 44 27 47 59 à Jussieu (Mardi et Jeudi)
[ Soyez précis dans vos sujets svp afin de déterminer directement ]
[ le type de demande... ]
[ Pour vous (dés)inscrire, aller sur http://linuxbe.org/ml.php ]
[ http://LinuxBe.org Contact: listmaster@linuxbe.org ]