Bugtraq mailing list archives

Re: tcpdump workaround against dnsloop exploit.

From: davids () WEBMASTER COM (David Schwartz)
Date: Sat, 6 May 2000 15:12:54 -0700


        This won't work. It stops an A->A->A loop but allows an A->B->A->B loop.
What you want is something more like:

+                               /*
+                                * If we got two time the same data ptr,
+                                * or are being referred forward,
+                                * this means we may loop.
+                                */
+                               if ( cp >= old)
+                                       return NULL;
+                               old = cp;

DS

Current thread:

"ILOVEYOU" virus analysis, (continued)
- - "ILOVEYOU" virus analysis Steve Wolfe (May 04)
  - 2.2.14 Kernel exec/open bug (?) The Cr0W (May 05)
  - Re: Denial of service attack against tcpdump Hugo.van.der.Kooij () CAIW NL (May 09)
- glibc resolver weakness antirez (May 02)
  - Re: glibc resolver weakness Bennett Todd (May 03)
  - Re: glibc resolver weakness Valdis.Kletnieks () VT EDU (May 03)
  - Re: glibc resolver weakness Andrew Brown (May 03)
  - Cayman 3220-H DSL Router DOS cassius () HUSHMAIL COM (May 05)
- Fun with UltraBoard V1.6X rudi carell (May 03)
  - Fwd: tcpdump workaround against dnsloop exploit. THE INFAMOUS (May 03)
    - Re: tcpdump workaround against dnsloop exploit. David Schwartz (May 06)
    - NetBSD Security Advisory 2000-002 Daniel Carosone (May 06)
    - [NHC20000504a.0: NetBSD Panics when sent unaligned IP options] NHC Research (May 06)
    - Re: Fwd: tcpdump workaround against dnsloop exploit. Sebastian (May 07)
  - Re: Fun with UltraBoard V1.6X Juan M. Bello Rivas (May 05)