Bugtraq mailing list archives

Re: your mail

From: alan () MANAWATU GEN NZ (Alan Brown)
Date: Sat, 13 Nov 1999 08:41:49 +1300


On Thu, 11 Nov 1999, Brian Wellington wrote:

Caching-only servers are also vulnerable.  The NXT record is no different
that any other DNS record in this case.  If someone is able to make your
server fetch a maliciously-constructed NXT record, it will cause problems.
A query to a caching server will force the server to send a recursive
query, which makes the caching server vulnerable.


All the more reason to define local IP ranges and restrict allow-query
to those ranges only by default.

AB

Current thread:

(no subject) Anonymous (Nov 10)
- (no subject) David R. Conrad (Nov 11)
  - Re: CERT Advisory CA-99-14 Multiple Vulnerabilities in BIND Solar Designer (Nov 12)
  - Buffer overflow exploit in the alpha linux Taeho Oh (Nov 13)
    - Re: Buffer overflow exploit in the alpha linux Lamont Granquist (Nov 15)
- Re: your mail Brian Wellington (Nov 11)
  - Re: your mail Alan Brown (Nov 12)
  - [ Cobalt ] Security Advisory - Bind Jeff Bilicki (Nov 12)
  - Microsoft Security Bulletin (MS99-049) Aleph One (Nov 12)
- Re: your mail Alain Thivillon (Nov 11)
- [w00giving '99 #3, w00news] UnixWare 7's /var/sadm Matt Conover (Nov 11)
- Re: your mail Firstname Lastname (Nov 12)