mailing list archives
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion)
From: coderman <coderman () gmail com>
Date: Sun, 13 Jul 2008 15:15:37 -0700
On Sun, Jul 13, 2008 at 2:27 PM, eugaaa () gmail com <eugaaa () gmail com> wrote:
So on that note I'll be more direct. Has anyone actually preemptively
written any code or reversed this issue on their own? Or just, you
know, attempted to understand the vulnerability in detail instead of
relying on these intentionally vague advisories (dan)?
my money is currently on ICMP port unreachable combined with the
predictable ports to trick vulnerable resolvers into thinking the
configured nameservers are offline:
you could fix this via the method described, and not imply that the
ICMP was part of the vector.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/