Re: bsd libc dns resolving code vulnerable?
From: Jacques A. Vidrine (nectar@freebsd.org)
Date: 06/26/02
- Next message: Kevin Golding: "Re: Much ado about nothing."
- Previous message: Jacques A. Vidrine: "Re: bsd libc dns resolving code vulnerable?"
- In reply to: Alain Thivillon: "Re: bsd libc dns resolving code vulnerable?"
- Next in thread: Mark.Andrews@isc.org: "Re: bsd libc dns resolving code vulnerable?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 26 Jun 2002 11:07:06 -0500 From: "Jacques A. Vidrine" <nectar@freebsd.org> To: Alain Thivillon <at@rominet.net>
On Wed, Jun 26, 2002 at 05:39:54PM +0200, Alain Thivillon wrote:
To be clear, we're not certain that it /is/ exploitable. However,
the only safe thing to do is assume that it is.
> Do you know if using a local caching name server will prevent
> exploitation ?
I'm afraid I don't know. It depends upon whether the name server
rejects or cleans responses. And it would have to be local, as
in localhost.
Cheers,
-- Jacques A. Vidrine <n@nectar.cc> http://www.nectar.cc/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
- Next message: Kevin Golding: "Re: Much ado about nothing."
- Previous message: Jacques A. Vidrine: "Re: bsd libc dns resolving code vulnerable?"
- In reply to: Alain Thivillon: "Re: bsd libc dns resolving code vulnerable?"
- Next in thread: Mark.Andrews@isc.org: "Re: bsd libc dns resolving code vulnerable?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
