Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Advisory for Vdns

From: neme-dhc () HUSHMAIL COM
Date: Mon, 7 May 2001 19:35:37 -0500
 [ Advisory for VdnsServer                         ]
 [ VdnsServer is sold by ZFC and Hughestech        ]
 [ Site: http://www.zfc.com | www.hughesnet.net    ]
 [ by nemesystm of the DHC                         ]
 [ (http://dhcorp.cjb.net - neme-dhc () hushmail com) ]
 [ ADV-0121                                        ]

/-|=[explanation]=|-\
Virtual DNS (Vdns) allows users with DSL & ADSL type
connections to run their own web server with their
own domain name. It suffers from a denial of
service.

/-|=[who is vulnerable]=|-\
VdnsServer 1.0
has been tested and was vulnerable.

/-|=[testing it]=|-\
By opening up a connection to 6070, sending it some
info and then cutting of the connection, Vdns goes
into a state of "Default.Closed" and will not allow
any other connections.

I have made a perl script that exploits this. It is
in the advisory that is available on the DHC site.
http://www.emc2k.com/dhcorp/homebrew/vdns.zip

/-|=[fix]=|-\
Download VdnsServer 2.0
Free, encrypted, secure Web-based email at www.hushmail.com
Previous By Date Next
Previous By Thread Next

Current thread: