Security Incidents mailing list archives

Re: Bind 9.2.X exploit???

From: David Carmean <dlc () halibut com>
Date: Fri, 26 Jul 2002 09:14:35 -0700

On Fri, Jul 26, 2002 at 01:19:29PM +0300, Alexandru Balan wrote:

i asked the guy for the exploit, ran it. and it seems to fork in
background and afterwards it starts flooding with UDP packets 
161.69.3.150 ;P not nice, not nice at all


Oh, right!  From Feb, 2001.  There was a "bind 8 exploit" 
that was really a trojan that pounded what was then dns1.nai.com.

http://online.securityfocus.com/archive/1/159930/2001-01-30/2001-02-05/1





----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

Bind 9.2.X exploit??? güvercin (Jul 24)
- Re: Bind 9.2.X exploit??? Patrick Andry (Jul 25)
  - Re: Bind 9.2.X exploit??? David Conrad (Jul 25)
  - Re: Bind 9.2.X exploit??? Jim Clausing (Jul 25)
    - Re: Bind 9.2.X exploit??? David Conrad (Jul 25)
    - Surge of attacks on ports 61127 & 61134 Joseph (Jul 25)
- Re: Bind 9.2.X exploit??? Alexandru Balan (Jul 26)
  - Re: Bind 9.2.X exploit??? David Carmean (Jul 26)
- <Possible follow-ups>
- Re: Bind 9.2.X exploit??? Muhammad Faisal Rauf Danka (Jul 25)
  - Re: Bind 9.2.X exploit??? Sebastian (Jul 25)