Bugtraq: Re: glibc resolver weakness

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: glibc resolver weakness

From: Valdis.Kletnieks () VT EDU (Valdis.Kletnieks () VT EDU)
Date: Wed, 3 May 2000 15:58:48 -0400


On Wed, 03 May 2000 03:40:46 +0200, antirez <antirez () LINUXCARE COM>  said:

Hi all,

this is from glibc 2.1.3 resolver source code:

u_int
res_randomid()
{
        struct timeval now;

        __gettimeofday(&now, NULL);
        return (0xffff & (now.tv_sec ^ now.tv_usec ^ __getpid()));
}


The exact same code as in the BIND 8.2.2-p5 src/lib/resolv/res_init.c

I've *NOT* evaluated if there's an actual problem here, but if there is,
it's probably in *every* BIND-derived resolver...

--
                                Valdis Kletnieks
                                Operating Systems Analyst
                                Virginia Tech

By Date By Thread

Current thread:

"ILOVEYOU" virus analysis, (continued)
- glibc resolver weakness antirez (May 02)
  - Re: glibc resolver weakness Bennett Todd (May 03)
  - Re: glibc resolver weakness Valdis.Kletnieks () VT EDU (May 03)
  - Re: glibc resolver weakness Andrew Brown (May 03)
  - Cayman 3220-H DSL Router DOS cassius () HUSHMAIL COM (May 05)
- Fun with UltraBoard V1.6X rudi carell (May 03)
  - Fwd: tcpdump workaround against dnsloop exploit. THE INFAMOUS (May 03)
    - Re: tcpdump workaround against dnsloop exploit. David Schwartz (May 06)