CA-97.04 patched ntalk?

CA-97.04 patched ntalk?

Post by Tom Com » Thu, 06 Mar 1997 04:00:00


 Is there a patch for ntalk that fixes the hole reported by
 CA-97.04?  I've upgraded our DNS server to bind 4.9.5 but
 would like a patch in case we are also being resolved by
 binds that are suceptible.  Thanks.


 Academic Computing & Network Services         Voice:     (904) 644-2591    
 Florida State University                      Tallahassee, Fl.


1. HTTPD and CERT advisory CA-97.07

While looking in the logs of an NCSA HTTPD for possible hacker evidence,
I noted something odd, which I prefer not to describe in detail.
Anyhow, I looked around at NCSA to see if I could see the relevant
security exposure described, and I couldn't.  At first I didn't find
anything on dejanews either.

But later on, I found a reference to CERT Advisory CA-97.07, which
described the situation exactly, and mentioned other servers that might
be affected.

Recommendation: disable nph-test-cgi  (and read the advisory, of

Hope this is useful to someone else.  It doesn't seem to have been
mentioned in this group, but as it's no secret on the security
groups, I presume the serious hackers all know it anyway.

2. Kernel Config

3. rlogin vulnerability: CERT Advisory CA-97.06

4. Help for PCNFS

5. CERT Advisory CA-97.06: BAD rlogin_wrapper.c installation

6. iMac Linux Site - updated (kernel build howto etc)

7. SunOS not vulnerable to rlogin bug (CERT CA-97.06)

8. Configuring server by web interface

9. Please help! L 04 04 04 04 04 04 04 04 10 10 10 10 04 10ILO

10. L 04 04 04 04 ...

11. COMMERCIAL: German Linux Magazine 04/97

12. two questions - ppp patch - 101425-04 ( not 101424-04)

13. Bootdisk displays l04 04 04 04 continuosuly