Bugtraq: Re: your mail

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: your mail

From: alan () MANAWATU GEN NZ (Alan Brown)
Date: Sat, 13 Nov 1999 08:41:49 +1300


On Thu, 11 Nov 1999, Brian Wellington wrote:

Caching-only servers are also vulnerable.  The NXT record is no different
that any other DNS record in this case.  If someone is able to make your
server fetch a maliciously-constructed NXT record, it will cause problems.
A query to a caching server will force the server to send a recursive
query, which makes the caching server vulnerable.


All the more reason to define local IP ranges and restrict allow-query
to those ranges only by default.

AB

By Date By Thread

Current thread:

(no subject), (continued)
- (no subject) David R. Conrad (Nov 11)
  - Re: CERT Advisory CA-99-14 Multiple Vulnerabilities in BIND Solar Designer (Nov 12)
  - Buffer overflow exploit in the alpha linux Taeho Oh (Nov 13)
    - Re: Buffer overflow exploit in the alpha linux Lamont Granquist (Nov 15)
- Re: your mail Brian Wellington (Nov 11)
  - Re: your mail Alan Brown (Nov 12)
  - [ Cobalt ] Security Advisory - Bind Jeff Bilicki (Nov 12)
  - Microsoft Security Bulletin (MS99-049) Aleph One (Nov 12)
- Re: your mail Alain Thivillon (Nov 11)
- [w00giving '99 #3, w00news] UnixWare 7's /var/sadm Matt Conover (Nov 11)
- Re: your mail Firstname Lastname (Nov 12)