[12518] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

BIND NXT Bug Vulnerability

daemon@ATHENA.MIT.EDU (Elias Levy)
Wed Nov 10 17:09:19 1999

Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id:  <19991110135525.A21417@securityfocus.com>
Date:         Wed, 10 Nov 1999 13:55:25 -0800
Reply-To: aleph1@SECURITYFOCUS.COM
From: Elias Levy <aleph1@SECURITYFOCUS.COM>
X-To:         bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM

http://www.isc.org/products/BIND/bind-security-19991108.html

Name: "nxt bug"

   Versions affected:     8.2, 8.2 patchlevel 1, 8.2.1
   Severity:     CRITICAL
   Exploitable:     Remotely
   Type:     Access possible

Description:

   A bug in the processing of NXT records can theoretically allow an
   attacker to gain access to the system running the DNS server at
   whatever privilege level the DNS server runs at.

Workarounds:

   None.

Active Exploits:

   At this time, ISC is unaware of any active exploits of this
   vulnerability however given the potential access this vulnerability
   represents, it is probable scripts will be created in the near future
   that make use of this vulnerability.

--
Elias Levy
Security Focus
http://www.securityfocus.com/


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[12518] in bugtraq

BIND NXT Bug Vulnerability

daemon@ATHENA.MIT.EDU (Elias Levy)Wed Nov 10 17:09:19 1999

daemon@ATHENA.MIT.EDU (Elias Levy)
Wed Nov 10 17:09:19 1999