[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DNS resolver library exploit.

To: misc@openbsd.org
Subject: Re: DNS resolver library exploit.
From: Nick Nauwelaerts <nick@wanadoo.be>
Date: Mon, 1 Jul 2002 12:44:20 +0200
References: <20020630195131.64509.qmail@web14107.mail.yahoo.com> <20020630142608.7f53a25a.grendel@zeitbombe.org>

On Sun, 30 Jun 2002 14:26:08 +0000
tedu <grendel@zeitbombe.org> wrote:

> If the resolver gets a bad reply, it can crash/be exploited. 
> Typically, you trust your DNS servers to some extent.  My
> understanding is that you can only be attacked by the people owning
> the DNS servers you use.

Most client-side programs lack the logic to do full recursive DNS
look-ups, and so forward that request to their (ISP's or local)
nameserver. That nameserver does the searching for the client and
returns the answer. Now, some DNS servers re-write the information they
receive from upstream servers, and some just pass it on without the
rewrite. So yes, I think you might be vulnerable to this even when using
trusted DNS servers.
There was a tread on bugtraq or vuln-dev about this, you might want to
have a look at that:
http://online.securityfocus.com/archive/82/279431

// nick

Prev by Date: Re: Help needed with Qwest/MSN DSL...
Next by Date: OpenBSD install from DOS/Windows without floppy/CDROM/boot media
Prev by thread: Re: Help needed with Qwest/MSN DSL...
Next by thread: OpenBSD install from DOS/Windows without floppy/CDROM/boot media
Index(es):
- Date
- Thread