Re: your mail

From: Alan Brown (alanat_private)
Date: Fri Nov 12 1999 - 11:41:49 PST

Next message: deepquestat_private: "yet another security threat in MS OE 5"

Previous message: Blue Boar: "ssh-1.2.27 remote buffer overflow - exploitable (VD#7)"
Next in thread: Firstname Lastname: "Re: your mail"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 11 Nov 1999, Brian Wellington wrote:

> Caching-only servers are also vulnerable.  The NXT record is no different
> that any other DNS record in this case.  If someone is able to make your
> server fetch a maliciously-constructed NXT record, it will cause problems.
> A query to a caching server will force the server to send a recursive
> query, which makes the caching server vulnerable.

All the more reason to define local IP ranges and restrict allow-query
to those ranges only by default.

AB

Next message: deepquestat_private: "yet another security threat in MS OE 5"
Previous message: Blue Boar: "ssh-1.2.27 remote buffer overflow - exploitable (VD#7)"
Next in thread: Firstname Lastname: "Re: your mail"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:11:58 PDT