Bugtraq mailing list archives
Re: SNI-12: BIND Vulnerabilities and Solutions (+ more problems)
From: spaf () CS PURDUE EDU (Gene Spafford)
Date: Wed, 23 Apr 1997 23:13:17 -0500
FYI, the cache poisoning and MX record spoofing attacks were both fully described in Christoph Schuba's MS thesis from COAST, done in 1992. It is available as ftp://coast.cs.purdue.edu/pub/COAST/papers/schuba-DNS-msthesis.{ps.Z,pdf} A shorter tech report that mentions the cache corruption plus some other issues was done in 1994, and is available via ftp://coast.cs.purdue.edu/pub/COAST/papers/schuba-spaf-DNS.{ps.Z,pdf} Some of the ideas we developed in Christoph's work went back to Steve Bellovin's paper from 1990. Thus, we can hardly consider SNI's alert to be a "new" problem. That may explain why your (Johannes) paper of last year didn't make much impact -- it wasn't new. What is unfortunate is that we circulated Christoph's MS thesis to CERT, CIAC, Sun, DEC, DISA, and a few other FIRST teams in 1992. We held off publication of the thesis for a year for people to get the code fixed before the details were available. Sigh. And we're still seeing it in mid 1997 -- 5 years later, as Christoph finishes off his PhD. Maybe we'll still be seeing it when Christoph graduates *his* first grad student. :-( --spaf
Current thread:
- SNI-12: BIND Vulnerabilities and Solutions Oliver Friedrichs (Apr 22)
- Re: SNI-12: BIND Vulnerabilities and Solutions Peter Koch (Apr 23)
- Re: SNI-12: BIND Vulnerabilities and Solutions Paul A Vixie (Apr 23)
- Re: SNI-12: BIND Vulnerabilities and Solutions (+ more problems) Johannes Erdfelt (Apr 23)
- Re: SNI-12: BIND Vulnerabilities and Solutions (+ more problems) Gene Spafford (Apr 23)
- Re: SNI-12: BIND Vulnerabilities and Solutions (+ more problems) Michael K. Sanders (Apr 23)
- Re: SNI-12: BIND Vulnerabilities and Solutions (+ more problems) Johannes Erdfelt (Apr 23)
- Re: SNI-12: BIND Vulnerabilities and Solutions (+ more problems) Yiorgos Adamopoulos (Apr 24)
- firewall-1: old broadcast address hole? Tom Vandepoel (Apr 24)
- CERT Advisory CA-97.10 - Vulnerability in Natural Language Service Aleph One (Apr 24)
- CERT Vendor-Initiated Bulletin VB-97.02 - Guestbook Script Vul Aleph One (Apr 24)
- [linux-security] Linux squake security hole (provides root if Aleph One (Apr 24)
- Re: SNI-12: BIND Vulnerabilities and Solutions Peter Koch (Apr 23)
- <Possible follow-ups>
- Re: SNI-12: BIND Vulnerabilities and Solutions David Wagner (Apr 22)
- Re: SNI-12: BIND Vulnerabilities and Solutions Theo de Raadt (Apr 22)
- ANUNCIO: Nueva lista sobre seguridad, en espanol Ivan Arce,CORE (Apr 22)