Vulnerability Development mailing list archives

Re: Bug, possible hole in nslookup, various operating systems

From: Damian Menscher <menscher () uiuc edu>
Date: Sat, 16 Dec 2000 22:54:19 -0600

On Fri, 15 Dec 2000, Gunnar Wolf wrote:

I found a strange behavior in the nslookup command, and was able to
reproduce it in several different platforms. I do not have deep knowledge
of the inner working of nslookup, but the message I got seemed a bit
suspicious, and I decided to report it before someone can find a way to
exploit it.


nslookup has 755 permissions on all machines I've seen, so I'm not sure
what the danger is....  You thinking of something in the kernel?

What I am doing is very simple - too simple, maybe. I run nslookup in
interactive mode, and send ^C while it is waiting for my text.


Just to add a new platform:

IRIX 6.5.6m is not vulnerable

Damian Menscher
--
--==## Grad. student & Sys. Admin. @ U. Illinois at Urbana-Champaign ##==--
--==## <menscher () uiuc edu> www.uiuc.edu/~menscher/ Ofc:(217)333-0038 ##==--
--==## Physics Dept, 1110 W Green, Urbana IL 61801 Fax:(217)333-9819 ##==--

Current thread:

Bug, possible hole in nslookup, various operating systems Gunnar Wolf (Dec 17)
- Re: Bug, possible hole in nslookup, various operating systems Damian Menscher (Dec 18)
  - Re: Bug, possible hole in nslookup, various operating systems Michal Zalewski (Dec 18)
  - Re: Bug, possible hole in nslookup, various operating systems Gunnar Wolf (Dec 18)
    - Re: Bug, possible hole in nslookup, various operating systems Steve Lord (Dec 19)
    - Re: Bug, possible hole in nslookup, various operating systems Ryan W. Maple (Dec 20)
    - Re: Bug, possible hole in nslookup, various operating systems rpc (Dec 20)
- Re: Bug, possible hole in nslookup, various operating systems SSecurity (Dec 18)
- <Possible follow-ups>
- Re: Bug, possible hole in nslookup, various operating systems Kyle Bradley (Dec 18)