Re: bsd libc dns resolving code vulnerable?

From: Jacques A. Vidrine (nectar@freebsd.org)
Date: 06/26/02


Date: Wed, 26 Jun 2002 11:07:06 -0500
From: "Jacques A. Vidrine" <nectar@freebsd.org>
To: Alain Thivillon <at@rominet.net>

On Wed, Jun 26, 2002 at 05:39:54PM +0200, Alain Thivillon wrote:

To be clear, we're not certain that it /is/ exploitable. However,
the only safe thing to do is assume that it is.

> Do you know if using a local caching name server will prevent
> exploitation ?

I'm afraid I don't know. It depends upon whether the name server
rejects or cleans responses. And it would have to be local, as
in localhost.

Cheers,

-- 
Jacques A. Vidrine <n@nectar.cc>                 http://www.nectar.cc/
NTT/Verio SME          .     FreeBSD UNIX     .       Heimdal Kerberos
jvidrine@verio.net     .  nectar@FreeBSD.org  .          nectar@kth.se
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message


Relevant Pages