The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

CERT Advisory CA-2002-19 Buffer Overflow in Multiple DNS Res

Discussion in 'Bind / DNS / Nameserver Issues' started by andyf, Jun 29, 2002.

  1. andyf

    andyf Well-Known Member

    Joined:
    Jan 7, 2002
    Messages:
    246
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    UK
    Does this effect our cpanel installs? if so, any idea when the update is going in (or has it already?).

    Cheers,
    Andy
     
  2. itf

    itf Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    624
    Likes Received:
    0
    Trophy Points:
    16
    YES! Our Cpanel servers use BIND 9.2.1 which is vulnerable

    BIND 9 contains a copy of the BIND 8.3.x resolver library (lib/bind). This will be updated with the next BIND 9 releases (9.2.2/9.3.0) in the meantime
     
  3. feanor

    feanor Well-Known Member

    Joined:
    Aug 13, 2001
    Messages:
    836
    Likes Received:
    0
    Trophy Points:
    16
    Just keep &security updates& enabled within your panels........... (in the update section of WHManager)
    That's by far the most important, and you should never circumvent that no matter how much you think auto-updates are going to ruin your life.

    In this case, you only get daemon patches that defend your system against the latest exploits. The day that redhat constructs an rpm to patch an exploit, you can bet darkorb will have it in the rpmupdate that very night. And until an rpm is released, if not immediately, in most cases cpanel will release a patch (whatever procedure is required to secure the daemon without a version update), until the rpm or source is tangible to the public.

    That's been my experience, anyway.
     
  4. masood

    masood Well-Known Member

    Joined:
    Jun 14, 2002
    Messages:
    78
    Likes Received:
    0
    Trophy Points:
    6
    Yes, just got the SSH rpm update from layer2.cpanel.net :p

    This thing rocks :)
     
  5. itf

    itf Well-Known Member

    Joined:
    May 9, 2002
    Messages:
    624
    Likes Received:
    0
    Trophy Points:
    16
    Cpanel is one of the bests; as &feanor& wrote wait for the latest update from Red Hat but if you are under attack you can install bind 8.3.3 which is not vulnerable

    But if you are not just wait ;)
     
  6. masood

    masood Well-Known Member

    Joined:
    Jun 14, 2002
    Messages:
    78
    Likes Received:
    0
    Trophy Points:
    6
    Looks like the attack has started :-(

    BIND is the worst open source software I have dealt with. So many vulnerabilities so often.

    I like tinydns. it rocks :p
     
  7. TRAIN YARD SOFTWARE

    TRAIN YARD SOFTWARE Well-Known Member

    Joined:
    Dec 20, 2001
    Messages:
    224
    Likes Received:
    0
    Trophy Points:
    16
    will running redhat &up2date& have problems with cpanel?
     
  8. feanor

    feanor Well-Known Member

    Joined:
    Aug 13, 2001
    Messages:
    836
    Likes Received:
    0
    Trophy Points:
    16
    That all depends how you fine tune the up2date config. If you go too far, you can begin updating packages that may actually affect your cpanel install, as the updates will come from redhat instead of cpanel's storehouse of packages they have deemed worthy to work with the cpanel software.

    I would recommend not using up2date on a cpanel machine so you don't CROSS the STREAMS
    (ghostbusters)

    But perhaps darkorb can answer this more explicitly?
    up2date does have its uses, its just that cpanel already has a mechanism like this built in.
     
  9. NetGeek

    NetGeek Well-Known Member

    Joined:
    Mar 4, 2002
    Messages:
    67
    Likes Received:
    0
    Trophy Points:
    6
    Hi

    How could I know the auto update kicked off ? it was turned off couple of days then I turned it on when I read about that ssh bug.

    And how do I do it manualy, just in case ?
     
  10. TRAIN YARD SOFTWARE

    TRAIN YARD SOFTWARE Well-Known Member

    Joined:
    Dec 20, 2001
    Messages:
    224
    Likes Received:
    0
    Trophy Points:
    16
    feanor, thankx
     
  11. shaun

    shaun Well-Known Member

    Joined:
    Nov 9, 2001
    Messages:
    698
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    San Clemente, Ca
    netgrek, you can make the updates run manualy in the panel. Scroll down to the bottom area, or log in as root and run /scripts/sysup and /scripts/rpmup


    Bind is by far the worst most buggy'est service i think i have ever ran into. it's rediculis. We run tinydns on our main nameservers here at OC it would be nice to see cpanel switch.
     
Loading...

Share This Page