Full Disclosure mailing list archives

Re: The cat is indeed out of the bag

From: "mokum von Amsterdam" <smokum () gmail com>
Date: Wed, 23 Jul 2008 16:57:53 +0200

On Wed, Jul 23, 2008 at 4:22 PM, Robert McKay <robert () mckay com> wrote:



On Tue, Jul 22, 2008 at 3:36 AM, <monsieur.aglie () hushmail com> wrote:


from chargen 19/udp by ecopeland

0.

The cat is out of the bag. Yes, Halvar Flake figured out the flaw
Dan Kaminsky will announce at Black Hat.
1.


I believe I may have found an important optimisation to this attack.

Basically I observed that if you make a DNS request with a very long QNAME
then nameservers start dropping GLUE records in order to fit the reply into
the maximum UDP packet size.


Are you not supposed to keep DNS issues under your hat and disclose at BH only?

Cheers
-- 
Mark Andrews wrote:

...  I like simple tools.

This is the list for you then -- there are lots of folk meeting the
description here... --- Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

The cat is indeed out of the bag monsieur . aglie (Jul 22)
- Re: The cat is indeed out of the bag James Lay (Jul 22)
- Re: The cat is indeed out of the bag schroedinger (Jul 22)
- Re: The cat is indeed out of the bag schroedinger (Jul 22)
  - Re: The cat is indeed out of the bag kat (Jul 22)
- Re: The cat is indeed out of the bag Archibald Tuttle (Jul 22)
- Re: The cat is indeed out of the bag Robert McKay (Jul 23)
  - Re: The cat is indeed out of the bag mokum von Amsterdam (Jul 23)
    - Re: The cat is indeed out of the bag Peter Dawson (Jul 23)