new bind vuln
Barney Wolff
barney at tp.databus.com
Wed Nov 13 05:46:28 UTC 2002
This does beg the question (not that I hold *you* responsible!)
why the advisory had to come out before the patch. Does anyone
know whether the news had escaped to the blackhats? Otherwise
I cannot understand the rationale.
Barney
On Wed, Nov 13, 2002 at 12:06:04AM -0500, Steven M. Bellovin wrote:
>
> CERT said that the ISS advisory was to be released on 13 November, and
> that the patch would be available from ISC next week. There was no
> indication about when CERT itself was going to issue an advisory, but
> clearly someone said something a day earlier than had been expected.
>
> --Steve Bellovin, http://www.research.att.com/~smb (me)
> http://www.wilyhacker.com ("Firewalls" book)
--
Barney Wolff http://www.databus.com/bwresume.pdf
I'm available by contract or FT, in the NYC metro area or via the 'Net.
More information about the NANOG
mailing list