Re: Remote buffer overflow in resolver code of libc

From: Brett Glass (brettat_private)
Date: Wed Jun 26 2002 - 16:50:40 PDT


    The libc resolver bug (does glibc have the bug too, by the way?) has the 
    potential to affect not only the base operating system but everything 
    that's been statically linked with that library. Because the effort 
    involved in rebuilding EVERYTHING is so great, perhaps there's a way to 
    shield systems against this bug without rebuilding them.
    
    What if one were to firewall direct DNS traffic to and from the outside 
    world, requiring all queries to go through a local DNS server (or a 
    "cache," as Dan Bernstein calls it)? The one server would be allowed 
    access to the rest of the world through the firewall, and could ensure 
    that no other machine gets a response that might trigger the bug.
    
    On individual machines, one could direct all queries to localhost and set 
    up one's favorite name daemon (e.g. BIND or djbdns) to "sanitize" 
    incoming responses.
    
    I am not familiar enough with the internals of the various name daemons 
    to know if they already do this or can easily be modified to do so. Can 
    anyone out there on Bugtraq comment on this approach?
    
    --Brett Glass
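
Added example, not part of the original post and not code from BIND or djbdns: a sketch of the kind of structural check a local cache could apply to a response before relaying it to stub resolvers. The post does not say which malformed responses trigger the resolver bug, so this assumes only RFC 1035 well-formedness over classic 512-byte UDP (no EDNS0); `skip_name`, `validate_response` and `GOOD` are hypothetical names.

```python
import struct

def skip_name(msg, off):  # returns the offset just past the name at off
    end, total, limit = None, 0, off
    while True:
        if off >= len(msg):
            raise ValueError("name runs past end of message")
        n = msg[off]
        if n & 0xC0 == 0xC0:                       # compression pointer
            if off + 1 >= len(msg):
                raise ValueError("truncated compression pointer")
            target = ((n & 0x3F) << 8) | msg[off + 1]
            if target >= limit:                    # backward-only: no loops
                raise ValueError("compression pointer must point backward")
            end = off + 2 if end is None else end
            off = limit = target
        elif n & 0xC0:
            raise ValueError("reserved label type")
        elif n == 0:
            return off + 1 if end is None else end
        else:
            total += n + 1
            if total > 254:                        # 255 octets incl. root label
                raise ValueError("name longer than 255 octets")
            off += n + 1

def validate_response(msg):
    """Raise ValueError unless msg is a structurally sound DNS response."""
    if not 12 <= len(msg) <= 512:                  # assumed UDP limit, no EDNS0
        raise ValueError("bad message length")
    _id, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    if not flags & 0x8000:
        raise ValueError("QR bit clear: not a response")
    off = 12
    for _ in range(qd):                            # name + QTYPE + QCLASS
        off = skip_name(msg, off) + 4
    for _ in range(an + ns + ar):                  # name + 10-byte RR header
        off = skip_name(msg, off)
        if off + 10 > len(msg):
            raise ValueError("truncated resource record header")
        off += 10 + struct.unpack("!H", msg[off + 8:off + 10])[0]
        if off > len(msg):
            raise ValueError("RDATA runs past end of message")
    if off != len(msg):
        raise ValueError("message length disagrees with section counts")

# Constructed sample: one A answer for example.com, owner name compressed.
GOOD = (struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0)
        + b"\x07example\x03com\x00\x00\x01\x00\x01"
        + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 1]))
```

A relay built on this would drop any upstream message for which `validate_response` raises, and forward the rest unchanged.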
    


