[28086] in bugtraq
ezmlm warning
daemon@ATHENA.MIT.EDU (bugtraq-help@securityfocus.com)
Tue Dec 3 05:28:37 2002
Date: 3 Dec 2002 10:07:07 -0000
Message-ID: <1038910027.2088.ezmlm-warn@securityfocus.com>
From: bugtraq-help@securityfocus.com
To: bugtraq-redist@mit.edu
Content-type: text/plain; charset=us-ascii
Hi! This is the ezmlm program. I'm managing the
bugtraq@securityfocus.com mailing list.
I'm working for my owner, who can be reached
at bugtraq-owner@securityfocus.com.
Messages to you from the bugtraq mailing list seem to
have been bouncing. I've attached a copy of the first bounce
message I received.
If this message bounces too, I will send you a probe. If the probe bounces,
I will remove your address from the bugtraq mailing list,
without further notice.
I've kept a list of which messages from the bugtraq mailing list have
bounced from your address.
Copies of these messages may be in the archive.
To retrieve a set of messages 123-145 (a maximum of 100 per request),
send an empty message to:
<bugtraq-get.123_145@securityfocus.com>
To receive a subject and author list for the last 100 or so messages,
send an empty message to:
<bugtraq-index@securityfocus.com>
Here are the message numbers:
7336
7343
7343
7336
7343
7371
7373
7340
7366
7369
7338
7370
7340
7372
7380
--- Enclosed is a copy of the bounce message I received.
Return-Path: <>
Received: (qmail 11819 invoked from network); 21 Nov 2002 15:43:18 -0000
Received: from unknown (HELO securityfocus.com) (205.206.231.9)
by lists.securityfocus.com with SMTP; 21 Nov 2002 15:43:18 -0000
Received: (qmail 8716 invoked by alias); 21 Nov 2002 15:59:14 -0000
Received: (qmail 8663 invoked from network); 21 Nov 2002 15:59:13 -0000
Received: from outgoing2.securityfocus.com (HELO outgoing.securityfocus.com) (205.206.231.26)
by mail.securityfocus.com with SMTP; 21 Nov 2002 15:59:13 -0000
Received: by outgoing.securityfocus.com (Postfix)
id 4AF4298032; Wed, 20 Nov 2002 10:12:22 -0700 (MST)
Date: Wed, 20 Nov 2002 10:12:22 -0700 (MST)
From: MAILER-DAEMON@outgoing.securityfocus.com (Mail Delivery System)
Subject: Undelivered Mail Returned to Sender
To: bugtraq-return-7336-bugtraq-redist=mit.edu@securityfocus.com
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="2FE9B8F29D.1037811892/outgoing.securityfocus.com"
Message-Id: <20021120171222.4AF4298032@outgoing.securityfocus.com>
This is a MIME-encapsulated message.
--2FE9B8F29D.1037811892/outgoing.securityfocus.com
Content-Description: Notification
Content-Type: text/plain
This is the Postfix program at host outgoing.securityfocus.com.
I'm sorry to have to inform you that the message returned
below could not be delivered to one or more destinations.
For further assistance, please send mail to <postmaster>
If you do so, please include this problem report. You can
delete your own text from the message returned below.
The Postfix program
<bugtraq-redist@mit.edu>: Name service error for mit.edu: Host not found, try
again
--2FE9B8F29D.1037811892/outgoing.securityfocus.com
Content-Description: Delivery error report
Content-Type: message/delivery-status
Reporting-MTA: dns; outgoing.securityfocus.com
Arrival-Date: Mon, 18 Nov 2002 08:02:17 -0700 (MST)
Final-Recipient: rfc822; bugtraq-redist@mit.edu
Action: failed
Status: 4.0.0
Diagnostic-Code: X-Postfix; Name service error for mit.edu: Host not found, try
again
--2FE9B8F29D.1037811892/outgoing.securityfocus.com
Content-Description: Undelivered Message
Content-Type: message/rfc822
Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19])
by outgoing.securityfocus.com (Postfix) with QMQP
id 2FE9B8F29D; Mon, 18 Nov 2002 08:02:17 -0700 (MST)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 28082 invoked from network); 18 Nov 2002 13:07:04 -0000
Date: Mon, 18 Nov 2002 14:39:24 +0100
To: bugtraq@securityfocus.com
Subject: TSLSA-2002-0076 - bind
Message-ID: <20021118133924.GA1082@trustix.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.3.28i
From: tsl@trustix.com (Trustix Secure Linux Advisor)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2002-0076
Package name: bind
Summary: Remote exploit
Date: 2002-11-15
Affected versions: TSL 1.1, 1.2, 1.5
- --------------------------------------------------------------------------
Package description:
BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols. BIND includes a DNS server (named),
which resolves host names to IP addresses, and a resolver library
(routines for applications to use when interfacing with DNS).
Problem description:
ISS X-Force has found a number of problems in all BIND 8 series up to
and including 8.2.6 and 8.3.3. Two of these can cause BIND to crash
causing a denial of service attack, whereas the last can be used to
execute arbitary code on the victim.
Action:
We recommend that all systems with this package installed be upgraded.
Please note that if you do not need the functionality provided by this
package, you may want to remove it from your system.
Location:
All TSL updates are available from
<URI:http://www.trustix.net/pub/Trustix/updates/>
<URI:ftp://ftp.trustix.net/pub/Trustix/updates/>
About Trustix Secure Linux:
Trustix Secure Linux is a small Linux distribution for servers. With focus on
security and stability, the system is painlessly kept safe and up to date
from day one using swup, the automated software updater.
Automatic updates:
Users of the SWUP tool can enjoy having updates automatically
installed using 'swup --upgrade'.
Get SWUP from:
<URI:ftp://ftp.trustix.net/pub/Trustix/software/swup/>
Public testing:
These packages have been available for public testing for some time.
If you want to contribute by testing the various packages in the
testing tree, please feel free to share your findings on the
tsl-discuss mailinglist.
The testing tree is located at
<URI:http://www.trustix.net/pub/Trustix/testing/>
<URI:ftp://ftp.trustix.net/pub/Trustix/testing/>
Questions?
Check out our mailing lists:
<URI:http://www.trustix.net/support/>
Verification:
This advisory along with all TSL packages are signed with the TSL sign key.
This key is available from:
<URI:http://www.trustix.net/TSL-GPG-KEY>
The advisory itself is available from the errata pages at
<URI:http://www.trustix.net/errata/trustix-1.2/> and
<URI:http://www.trustix.net/errata/trustix-1.5/>
or directly at
<URI:http://www.trustix.net/errata/misc/2002/TSL-2002-0076-bind.asc.txt>
MD5sums of the packages:
- --------------------------------------------------------------------------
7ca823f5bdcda62354971ba527659f8f ./1.1/RPMS/bind-8.2.6-2tr.i586.rpm
97e22862a18c94181f004b2961474a61 ./1.1/RPMS/bind-devel-8.2.6-2tr.i586.rpm
1b3924c34061398f64906a41bc4e103e ./1.1/RPMS/bind-utils-8.2.6-2tr.i586.rpm
9b353d2f2beef989a4d34fa9fd04cc30 ./1.1/SRPMS/bind-8.2.6-2tr.src.rpm
979d763efbec95a6104b8df307a52ab2 ./1.2/RPMS/bind-8.2.6-2tr.i586.rpm
a219f2f92ea9f4cccb74c4ac9fcc8f69 ./1.2/RPMS/bind-devel-8.2.6-2tr.i586.rpm
cc97ab8e12caaff576063d150d7216e7 ./1.2/RPMS/bind-utils-8.2.6-2tr.i586.rpm
9b353d2f2beef989a4d34fa9fd04cc30 ./1.2/SRPMS/bind-8.2.6-2tr.src.rpm
aa38424ba1671b811aec3265e3764390 ./1.5/RPMS/bind-8.2.6-2tr.i586.rpm
74a18eed135150b64f62fb398d823175 ./1.5/RPMS/bind-devel-8.2.6-2tr.i586.rpm
74b1f15664668fcfa0da9b52f55d7745 ./1.5/RPMS/bind-utils-8.2.6-2tr.i586.rpm
9b353d2f2beef989a4d34fa9fd04cc30 ./1.5/SRPMS/bind-8.2.6-2tr.src.rpm
- --------------------------------------------------------------------------
Trustix Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE92NuHwRTcg4BxxS0RAraRAJ0Q+GDhIUUv0gbgv91q1ZmnFqkTHACfaRST
KUB6bSTouOiksfknm0Mc/6I=
=brw5
-----END PGP SIGNATURE-----
--2FE9B8F29D.1037811892/outgoing.securityfocus.com--
