[Fwd: [Full-disclosure] NISCC DNS Protocol Vulnerability]

[Gadi Evron <ge () linuxbox org>]

As an FYI, seems serious.
No real or any details yet. Like a friend said, you can guess where to 
look for it yourselves but this release is rather useless until more 
details are given.

Attached is the message from FD.

        Gadi.

--
/~\ The Green
\ / Ribbon Campaign
 X  Against Purple
/ \ Ribbons!        -- "The Geometry of Shadows", Babylon 5.
> --- Begin Message ---
>
>
> From: Markus Jansson <seemyhomepage () katsokotisivuilta ni>
>
> Date: Fri, 28 Apr 2006 22:59:05 +0300
>
> http://www.niscc.gov.uk/niscc/vulnAdv-en.html
> "The vulnerabilities described in this advisory affect implementations 
> of the Domain Name System (DNS) protocol. Many vendors include support 
> for this protocol in their products and may be impacted to varying 
> degrees, if at all."
>
> "Impact:
> ..DoS...memory corruption...stack corruption...buffer overflow exploits"
>
> "Vendors affected:
> Cisco, Delegate, Ethereal, Hitachi, ISC, Juniper Networks, MyDNS, pdnsd, 
> Sun, Wind River & Microsoft"
>
> Whole stuff in .pdf format
> http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en
>
>
>
> --
> My computer security & privacy related homepage
> http://www.markusjansson.net
> Use HushTools or GnuPG/PGP to encrypt any email
> before sending it to me to protect our privacy.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
> --- End Message ---