CA-97.04 patched ntalk?

CA-97.04 patched ntalk?

Post by Tom Com » Thu, 06 Mar 1997 04:00:00



Hello,

 Is there a patch for ntalk that fixes the hole reported by
 CA-97.04?  I've upgraded our DNS server to bind 4.9.5 but
 would like a patch in case we are also being resolved by
 binds that are suceptible.  Thanks.

--

 Academic Computing & Network Services         Voice:     (904) 644-2591    
 Florida State University                      Tallahassee, Fl.

 
 
 

1. HTTPD and CERT advisory CA-97.07

While looking in the logs of an NCSA HTTPD for possible hacker evidence,
I noted something odd, which I prefer not to describe in detail.
Anyhow, I looked around at NCSA to see if I could see the relevant
security exposure described, and I couldn't.  At first I didn't find
anything on dejanews either.

But later on, I found a reference to CERT Advisory CA-97.07, which
described the situation exactly, and mentioned other servers that might
be affected.

Recommendation: disable nph-test-cgi  (and read the advisory, of
course).

ftp://info.cert.org/pub/cert_advisories/CA-97.07.nph-test-cgi_script

Hope this is useful to someone else.  It doesn't seem to have been
mentioned in this group, but as it's no secret on the security
groups, I presume the serious hackers all know it anyway.

2. Kernel Config

3. rlogin vulnerability: CERT Advisory CA-97.06

4. Help for PCNFS

5. CERT Advisory CA-97.06: BAD rlogin_wrapper.c installation

6. iMac Linux Site - updated (kernel build howto etc)

7. SunOS not vulnerable to rlogin bug (CERT CA-97.06)

8. Configuring server by web interface

9. Please help! L 04 04 04 04 04 04 04 04 10 10 10 10 04 10ILO

10. L 04 04 04 04 ...

11. COMMERCIAL: German Linux Magazine 04/97

12. two questions - ppp patch - 101425-04 ( not 101424-04)

13. Bootdisk displays l04 04 04 04 continuosuly