Bugtraq mailing list archives
Re: SNI-12: BIND Vulnerabilities and Solutions (+ more problems)
From: msanders () AROS NET (Michael K. Sanders)
Date: Wed, 23 Apr 1997 23:12:33 -0600
In message <Pine.LNX.3.95.970422142917.16221A-100000 () borg sventech com>, Johann es Erdfelt writes:
Since SNI has released that paper and stole all of the thunder out of my advisory, I'll post a couple of things in addition to their advisory. There's a couple of things in this post and it's semi long.
I don't know that I'd be too concerned about having all your thunder stolen... I'm reminded of the 5th USENIX UNIX Security Symposium.
There's a MUCH easier way of caching RR's. As long as the nameserver is older than 4.9.5+P1 which is > 90% of the net. I explained it in a paper I wrote last year I sent it off to Paul Vixie to get a reply (and possibly a patch) to the problem. The problem is basically this: BIND will cache ANYTHING that it gets in the return packet. This advisory was partially leaked to nanog and is known to have been leaked to a number of other people. Here it is from my original advisory (complete with spelling and grammar mistakes):
... so how is all of this different from Bellovin's original 1990 paper? <URL:http://penguin.cso.uiuc.edu/~lemson/securitysymp/session7.html> <URL:http://www.usenix.org/publications/library/proceedings/security95/bellovin.html>
Current thread:
- SNI-12: BIND Vulnerabilities and Solutions Oliver Friedrichs (Apr 22)
- Re: SNI-12: BIND Vulnerabilities and Solutions Peter Koch (Apr 23)
- Re: SNI-12: BIND Vulnerabilities and Solutions Paul A Vixie (Apr 23)
- Re: SNI-12: BIND Vulnerabilities and Solutions (+ more problems) Johannes Erdfelt (Apr 23)
- Re: SNI-12: BIND Vulnerabilities and Solutions (+ more problems) Gene Spafford (Apr 23)
- Re: SNI-12: BIND Vulnerabilities and Solutions (+ more problems) Michael K. Sanders (Apr 23)
- Re: SNI-12: BIND Vulnerabilities and Solutions (+ more problems) Johannes Erdfelt (Apr 23)
- Re: SNI-12: BIND Vulnerabilities and Solutions (+ more problems) Yiorgos Adamopoulos (Apr 24)
- firewall-1: old broadcast address hole? Tom Vandepoel (Apr 24)
- CERT Advisory CA-97.10 - Vulnerability in Natural Language Service Aleph One (Apr 24)
- CERT Vendor-Initiated Bulletin VB-97.02 - Guestbook Script Vul Aleph One (Apr 24)
- [linux-security] Linux squake security hole (provides root if Aleph One (Apr 24)
- Re: SNI-12: BIND Vulnerabilities and Solutions Peter Koch (Apr 23)
- <Possible follow-ups>
- Re: SNI-12: BIND Vulnerabilities and Solutions David Wagner (Apr 22)
- Re: SNI-12: BIND Vulnerabilities and Solutions Theo de Raadt (Apr 22)
- ANUNCIO: Nueva lista sobre seguridad, en espanol Ivan Arce,CORE (Apr 22)
- Re: ANUNCIO: Nueva lista sobre seguridad, en espanol The CyberFish (Apr 23)