Bugtraq: Re: your mail

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: your mail

From: Alain.Thivillon () HSC FR (Alain Thivillon)
Date: Fri, 12 Nov 1999 05:20:55 +0100


Anonymous <nobody () REPLAY COM> écrivait (wrote) :

commit the sin of "the processing of NXT records"?  In other words,
are all of us vulnerable (even caching-only name servers if so, I
imagine!), or only people with NXT records?  This makes a big difference!


[ NB : I can be wrong, don't flame me :) ]

Examing diffs between 8.2.1 and 8.2.2PL3 show rewrite of code handling
external response to an NXT query coming from bind himself (see
bin/named/ns_resp.c). So i suppose, if your name server is public and
recusive, external attacker can query your bind for NXT record in
another zone. If he has control of name server of this zone, he can
send offending responses and trigger bug.

I suspect every public server with 8.2 <= bind < 8.2.3PL3 is vulnerable.

By Date By Thread

Current thread:

Re: Buffer overflow exploit in the alpha linux, (continued)
- Re: your mail Brian Wellington (Nov 11)
  - Re: your mail Alan Brown (Nov 12)
  - [ Cobalt ] Security Advisory - Bind Jeff Bilicki (Nov 12)
  - Microsoft Security Bulletin (MS99-049) Aleph One (Nov 12)
- Re: your mail Alain Thivillon (Nov 11)
- [w00giving '99 #3, w00news] UnixWare 7's /var/sadm Matt Conover (Nov 11)
- Re: your mail Firstname Lastname (Nov 12)