SSRT1-66U_V5_1 Tru64 V5.1 Potential Security Issues in BIND ECO Summary
TITLE: SSRT1-66U_V5_1 Tru64 V5.1 Potential Security Issues in BIND ECO Summary
IMPACT: Multiple Potential Security Issues in BIND
(X-REF: CERT CA-2000-20 & CERT CA-2001-02 )
Versions Affected: Compaq Tru64 UNIX V4.0d, V4.0f, V4.0g,
V5.0, V5.0a, V5.1
Versions Not Affected: TCP/IP Services for Compaq OpenVMS
A number of potential security vulnerabilities have recently been
discovered for BIND released with Tru64 UNIX, where under certain
circumstances, system integrity may be compromised.
This advisory provides solution information for 6 (six) issues
spanning multiple versions of BIND 8.* and BIND 4.*
This patch fixes problems reported by CERT CA-2001-02. It also includes
the patch required for CERT CA-2000-20.
The named version number is 8.2.2-P5-plus-CA-2000-20-plus-CA-2001-02
Installation Instructions:
--------------------------
As superuser: (assume patch files are in /tmp)
cp -p /usr/sbin/named /usr/sbin/named_orig
cp ./named /usr/sbin/named
chmod 0755 /usr/sbin/named
chown bin:bin /usr/sbin/named
cp -p /sbin/named /sbin/named_orig
cp ./named_sbin /sbin/named
chmod 0755 /sbin/named
chown bin:bin /sbin/named
cp -p /usr/sbin/named-xfer /usr/sbin/named-xfer_orig
cp ./named-xfer /usr/sbin/named-xfer
chmod 0755 /usr/sbin/named-xfer
chown bin:bin /usr/sbin/named-xfer
Stop and start named for the change to take effect.
/sbin/init.d/named stop
/sbin/init.d/named start
This patch can be found at any of these sites:
Colorado Site
Georgia Site
Files on this server are as follows:
ssrt1-66u_v5_1.README
ssrt1-66u_v5_1.CHKSUM
ssrt1-66u_v5_1.txt
ssrt1-66u_v5_1.tar
|