|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: Killing ircds via DNS
From: David Luyer (david_luyer
PACIFIC.NET.AU)Date: Fri Dec 08 2000 - 06:39:21 CST
- Next message: Theodor Bucher: "Re: Xato commentary on MS security bulletins"
- Previous message: Jouko Pynnonen: "Vulnerabilities in KTH Kerberos IV"
- Next in thread: Piotr Kucharski: "Re: Killing ircds via DNS"
- Maybe reply: David Luyer: "Re: Killing ircds via DNS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hugo van der Kooij wrote:
> On Wed, 6 Dec 2000, David Luyer wrote:
>
> > The bug is triggered by returning a 128-byte answer to an A-record query, eg,
> > a 128-byte A-record response to a reverse DNS lookup on the client IP. The
> > fix should be self-evident.
>
> I'm not that good in coding.
>
> But isn't requesting an A record a normal DNS request? (Get an IP address
> by the given name.) A reverse DNS query would be for a PTR record.
> (Getting the name by an IP address.)
Sure. But the routine parses the returned packet, it doesn't matter what the
query was. So even if it's a PTR query, an A response is still parsed and
still overflows the reply buffer.
David.
-- David Luyer Phone: +61 3 9674 7525 Senior Network Engineer P A C I F I C Fax: +61 3 9699 8693 Pacific Internet (Australia) I N T E R N E T Mobile: +61 4 1111 2983 http://www.pacific.net.au/ NASDAQ: PCNTF
- Next message: Theodor Bucher: "Re: Xato commentary on MS security bulletins"
- Previous message: Jouko Pynnonen: "Vulnerabilities in KTH Kerberos IV"
- Next in thread: Piotr Kucharski: "Re: Killing ircds via DNS"
- Maybe reply: David Luyer: "Re: Killing ircds via DNS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]