Bugtraq mailing list archives
Re: SNI-12: BIND Vulnerabilities and Solutions
From: daw () CS BERKELEY EDU (David Wagner)
Date: Wed, 23 Apr 1997 02:18:56 -0700
In article <5jjnjr$b5r () joseph cs berkeley edu>, David Wagner <daw () CS BERKELEY EDU> wrote:
However, I think your patch won't fix the problem. It attempts to make the query ID unpredictable, but fails -- the "random" numbers it generates are still predictable (after a trivial 2^16 offline trials). And the seeding is terrible -- two years ago Netscape used timeofday and pid to seed their PRNG, too, and look what happened to them. Tell me I'm missing something.
Allow me to partially retract my claim. As far as I can tell the patch works as intended on OpenBSD systems, and my concerns do not apply to OpenBSD-based boxes. I'd like to publicly apologize to OpenBSD and Theo de Raadt for tarring OpenBSD with too broad a brush. However, I still believe the patch won't fix the problem on most systems: as far as I can tell, it won't fix the hole on systems not running OpenBSD. The secnet advisory probably should have included a note to this effect.
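An added illustration of the 2^16 point above (not part of the original post, and not the generator from the patch under discussion): a constructed query-ID generator with only 16 bits of internal state, audited by counting every starting state consistent with two observed IDs. The names `step`, `mix`, `next_id`, `consistent_states` and all constants are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical ID generator with only 16 bits of state (constructed for
 * illustration; not the generator from the patch under discussion). */
static uint16_t step(uint16_t s) { return (uint16_t)(s * 25173u + 13849u); }

/* Output mixing: hides the raw state but adds no entropy. */
static uint16_t mix(uint16_t s) {
    s ^= (uint16_t)(s >> 7);
    s = (uint16_t)(s * 40503u);
    s ^= (uint16_t)(s >> 9);
    return s;
}

/* Advance the state and emit the next query ID. */
static uint16_t next_id(uint16_t *state) {
    *state = step(*state);
    return mix(*state);
}

/* Audit check: try every possible starting state and count those that
 * reproduce the observed IDs. When exactly one survives, *predicted holds
 * the ID the generator will emit next. */
static unsigned consistent_states(const uint16_t *obs, int n, uint16_t *predicted) {
    unsigned matches = 0;
    for (uint32_t seed = 0; seed <= 0xFFFFu; seed++) {
        uint16_t s = (uint16_t)seed;
        int ok = 1;
        for (int i = 0; i < n && ok; i++)
            ok = (next_id(&s) == obs[i]);
        if (ok) { matches++; *predicted = next_id(&s); }
    }
    return matches;
}

int main(void) {
    uint16_t secret = 0xBEEF;   /* constructed sample state */
    uint16_t obs[2], guess = 0;
    obs[0] = next_id(&secret);
    obs[1] = next_id(&secret);
    unsigned n = consistent_states(obs, 2, &guess);
    printf("candidates=%u predicted=%u actual=%u\n", n, guess, next_id(&secret));
    return 0;
}
```

Exactly one candidate state survives, so scrambling the output does not make the IDs unpredictable; only a larger secret state drawn from a strong source does.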