North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: new bind vuln
On Wed, Nov 13, 2002 at 12:21:07AM -0500, Michael H. Warfield wrote: > On Wed, Nov 13, 2002 at 12:06:04AM -0500, Steven M. Bellovin wrote: > > CERT said that the ISS advisory was to be released on 13 November, and > > that the patch would be available from ISC next week. There was no > > indication about when CERT itself was going to issue an advisory, but > > clearly someone said something a day earlier than had been expected. > Cool... That nails it then. CERT had it wrong. I think > Paul notified CERT, but I could be easily wrong on that and will verify... Checked it out. We notified CERT (Paul or ISC may have as well, I don't know about that). Here is what we sent them... ] -----Original Message----- ] From: Ingevaldson, Dan (ISS Atlanta) ] Sent: Monday, November 11, 2002 5:40 PM ] To: 'CERT Coordination Center' ] Subject: ISS advisory ] ] Team- ] ] This information was provided to us by ISC today on issues that ISS X-Force discovered. We will be releasing our security advisory tomorrow. Any questions regarding this material should be directed to the ISC security contact. > > > <<bind_security_11082002.tar.gz.pgp>> > > <<bind_security_11082002.txt.pgp>> > Regards, > ============================= > Dan Ingevaldson > Team Lead, X-Force R&D > firstname.lastname@example.org > 404-236-3160 > > Internet Security Systems, Inc. > The Power to Protect > http://www.iss.net <http://www.iss.net/> > ============================= Note the date... Note that we said "tomorrow". Note that it was also 5:40 PM EST. I'll accept that the choice of terminology probably led to the confusion, especially considering the late time. If they processed the message on the 12th and didn't look at the date in our notice then they could easily have gotten their date wrong. I'll mention it to Dan that we should never use relative date terminology in notices like this and to stick with absolute dates, even if it is "tomorrow". I wonder if we need to start timestamping some of our notices in addition to PGP signing them... Another topic, another time... Sigh... > Thanks! > > --Steve Bellovin, http://www.research.att.com/~smb (me) > > http://www.wilyhacker.com ("Firewalls" book) Regards, Mike -- Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!