|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: is there another hole in BIND?
Paul A Vixie (paul
vix.com)Sat, 23 Jul 1994 23:13:14 -0700
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Christopher Davis: "Re: Is starting a user program on priv port via inetd dangerous ?"
- Previous message: jsz: "is there another hole in BIND?"
- In reply to: jsz: "is there another hole in BIND?"
> My other guess was that: it's quite easy to kill off a named daemon with > a udp packet with an invalid length field, from remote site. not as of 4.9, at least as far as i know. and if all your servers are running 4.9 or later code, then the A RR's are safe so the extra query in gethostby*() isn't strictly needed. normal, old-style spoofing (having the bad guy's host's PTR point to one of the good guys' hostnames) was fixed at the application level in BSD and in the resolver for sunos. named itself doesn't get involved with that.
- Next message: Christopher Davis: "Re: Is starting a user program on priv port via inetd dangerous ?"
- Previous message: jsz: "is there another hole in BIND?"
- In reply to: jsz: "is there another hole in BIND?"