Bugtraq mailing list archives
Buglet in Bind 4.9.5. [SUMMARY]
From: alan () MANAWATU GEN NZ (Alan Brown)
Date: Fri, 11 Apr 1997 02:12:51 +1200
Lots of followups to this one. So far the response count is over 100 with no sign of a letup.

Firstly, by my (and several other people's) interpretation, this IS a bug in Bind, not a feature - no matter how many programmers would like to argue otherwise. RFC 1035 is quite explicit that the dotted quad format is in DECIMAL. (RFC 1035, section 3.4.1). This RFC is obsoleted by RFC 2065, but that RFC makes no mention of A records at all, concentrating more on security aspects of DNS. If RFC 1035 holds, then either the specification of an A field needs to be updated or Bind does. If not, then RFC 2065 needs revising to specify all the items covered in the RFC it obsoletes.

Regardless of that, the unholy terror of allowing mixed base in the A record has tripped up a _lot_ of people. Over 1/3 of the people who replied to me have been caught by this and IMO that's way too high. Even seasoned admins have admitted to having been tripped by this problem in DNS and other areas such as ethernet MAC assignments, with comments that inserting submitted lists without combing them for zero padding has caused trouble even after the cause of the problem is known and been fixed once already.

Bind is a program written by programmers who assume that the end users are programmers, when in fact the configuration files are mostly handled by non-programmers. Most people are aware of notation for hexadecimal, but octal representation isn't used much these days outside programming circles.

Regarding the security risks mentioned, false alarms are as bad, if not worse than not alarming, because high levels of falsing cause any alarm to be written off as Yet Another False, masking the genuine ones.

AB
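
The zero-padding check the message describes, as an added example that is not part of the original post: a small Python audit that compares the plain-decimal reading of each A record with a mixed-base reading and reports the records where the two disagree. The C prefix rules (0x for hex, leading 0 for octal), the function names and the sample zone are assumptions made for illustration.

```python
import re

# Loose match for "name [ttl] [IN] A address"; only the address matters here.
A_RECORD = re.compile(r"^(\S+)\s+(?:\d+\s+)?(?:IN\s+)?A\s+(\S+)", re.IGNORECASE)

def mixed_base_octet(part):
    """Read one octet with C prefix rules (assumed): 0x = hex, leading 0 = octal."""
    if re.fullmatch(r"0[xX][0-9a-fA-F]+", part):
        return int(part, 16)
    if re.fullmatch(r"0[0-7]+", part):
        return int(part, 8)
    if re.fullmatch(r"0|[1-9][0-9]*", part):
        return int(part)
    return None  # e.g. "089": 8 and 9 are not octal digits

def decimal_octet(part):
    """Read one octet as plain decimal, the reading RFC 1035 section 3.4.1 gives."""
    return int(part) if re.fullmatch(r"[0-9]+", part) else None

def render(values):
    # None means the address cannot be read at all under that interpretation.
    if any(v is None or v > 255 for v in values):
        return None
    return ".".join(str(v) for v in values)

def audit_zone(text):
    """Return (line, name, as_written, decimal, mixed_base) where readings differ."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        m = A_RECORD.match(line.split(";")[0])  # drop trailing comment
        if not m:
            continue
        name, addr = m.groups()
        parts = addr.split(".")
        if len(parts) != 4:
            continue
        dec = render([decimal_octet(p) for p in parts])
        mixed = render([mixed_base_octet(p) for p in parts])
        if dec != mixed:
            findings.append((line_no, name, addr, dec, mixed))
    return findings

# Constructed sample zone data (documentation addresses, not from the post).
SAMPLE_ZONE = """\
www      IN A 192.0.2.10
mail     IN A 192.000.002.010   ; zero-padded by hand
printer  IN A 192.0.2.089
gw       3600 IN A 0xC0.0.2.1
"""
for finding in audit_zone(SAMPLE_ZONE):
    print(finding)
```

Run over a submitted host list before it is merged, this flags every entry whose address would change meaning between the two readings, which is the case the message says has caught even seasoned admins.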