Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1997_3

Bugtraq archives for 3rd quarter (Jul-Sep) 1997: Named Config Files

Named Config Files

Gus Huber (gusPBX.ORG)
Tue, 22 Jul 1997 15:13:06 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Lawrence R. Rogers: "Re: CERT does it again."
Previous message: Warner Losh: "Re: Security hole in exim 1.62: local root exploit"
Next in thread: Gus Huber: "Re: Named Config Files"

just noticed something the otherday that made me think twice about alloing
my users to modify the named files for their domains...

backwater:~# cat /var/named/named.lon
               IN      SOA     sys75.pbx.org.  (
22
86400   ; refresh: once per day
3600    ; retry: one hour
3600000 ; expire: 42 day
 604800 )  ; minimum 1 week

abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzab
cdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcd
efghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdef
ghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz       I
N       A       206.229.211.246
backwater:~# named
Segmentation fault (core dumped)
backwater:~#


(that line was wordwrapted.. it is one continious line  that is a total of
351 chars, the first field being 313 characters.)


Makes me wonder.... maybe the rest of the bounds checking on say caching
code is the same....

        Gus Huber <guspbx.org>

Next message: Lawrence R. Rogers: "Re: CERT does it again."
Previous message: Warner Losh: "Re: Security hole in exim 1.62: local root exploit"
Next in thread: Gus Huber: "Re: Named Config Files"