oss-sec mailing list archives
Re: CVE Request New-djbdns: dnscache: potential cache poisoning
From: Michael Samuel <mik () miknet net>
Date: Wed, 12 Feb 2014 11:23:54 +1100
On 12 February 2014 01:51, P J P <ppandit () redhat com> wrote:
Hi, -> http://www.openwall.com/lists/oss-security/2014/02/11/7 This looks like the same issue - predictable hash collision.
The same issue, different result. CVE-2013-6401 is a DoS vulnerability, which would result in excess CPU usage per hash lookup. The described issue would result in expiring attacker-specified (but not more) cache entries at approximately the same CPU cost. So this is something else. Regards, Michael
Current thread:
- CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 09)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning Florian Weimer (Feb 10)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 10)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 10)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning Michael Samuel (Feb 11)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 11)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 11)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning Michael Samuel (Feb 11)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 11)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 17)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning Michael Samuel (Feb 17)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 18)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 10)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning Florian Weimer (Feb 10)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning Michael Samuel (Feb 11)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 11)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning Florian Weimer (Feb 27)
- Re: Re: CVE Request New-djbdns: dnscache: potential cache poisoning P J P (Feb 19)
- Re: CVE Request New-djbdns: dnscache: potential cache poisoning cve-assign (Feb 20)