North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: new bind vuln
This does beg the question (not that I hold *you* responsible!) why the advisory had to come out before the patch. Does anyone know whether the news had escaped to the blackhats? Otherwise I cannot understand the rationale. Barney On Wed, Nov 13, 2002 at 12:06:04AM -0500, Steven M. Bellovin wrote: > > CERT said that the ISS advisory was to be released on 13 November, and > that the patch would be available from ISC next week. There was no > indication about when CERT itself was going to issue an advisory, but > clearly someone said something a day earlier than had been expected. > > --Steve Bellovin, http://www.research.att.com/~smb (me) > http://www.wilyhacker.com ("Firewalls" book) -- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net.
|