Home page logo

bugtraq logo Bugtraq mailing list archives

Re: SNI-12: BIND Vulnerabilities and Solutions (+ more problems)
From: spaf () CS PURDUE EDU (Gene Spafford)
Date: Wed, 23 Apr 1997 23:13:17 -0500

FYI, the cache poisoning and MX record spoofing attacks were both
fully described in Christoph Schuba's MS thesis from COAST, done in
1992.  It is available as
A shorter tech report that mentions the cache corruption plus some
other issues was done in 1994, and is available via

Some of the ideas we developed in Christoph's work went back to Steve
Bellovin's paper from 1990.  Thus, we can hardly consider SNI's alert
to be a "new" problem.  That may explain why your (Johannes) paper of
last year didn't make much impact -- it wasn't new.

What is unfortunate is that we circulated Christoph's MS thesis to
CERT, CIAC, Sun, DEC, DISA, and a few other FIRST teams in 1992.  We
held off publication of the thesis for a year for people to get the
code fixed before the details were available.  Sigh.  And we're still
seeing it in mid 1997 -- 5 years later, as Christoph finishes off his
PhD. Maybe we'll still be seeing it when Christoph graduates *his*
first grad student. :-(


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]