Bugtraq mailing list archives
Re: your mail
From: alan () MANAWATU GEN NZ (Alan Brown)
Date: Sat, 13 Nov 1999 08:41:49 +1300
On Thu, 11 Nov 1999, Brian Wellington wrote:
Caching-only servers are also vulnerable. The NXT record is no different that any other DNS record in this case. If someone is able to make your server fetch a maliciously-constructed NXT record, it will cause problems. A query to a caching server will force the server to send a recursive query, which makes the caching server vulnerable.
All the more reason to define local IP ranges and restrict allow-query to those ranges only by default. AB
Current thread:
- (no subject) Anonymous (Nov 10)
- (no subject) David R. Conrad (Nov 11)
- Re: CERT Advisory CA-99-14 Multiple Vulnerabilities in BIND Solar Designer (Nov 12)
- Buffer overflow exploit in the alpha linux Taeho Oh (Nov 13)
- Re: Buffer overflow exploit in the alpha linux Lamont Granquist (Nov 15)
- Re: your mail Brian Wellington (Nov 11)
- Re: your mail Alan Brown (Nov 12)
- [ Cobalt ] Security Advisory - Bind Jeff Bilicki (Nov 12)
- Microsoft Security Bulletin (MS99-049) Aleph One (Nov 12)
- Re: your mail Alain Thivillon (Nov 11)
- [w00giving '99 #3, w00news] UnixWare 7's /var/sadm Matt Conover (Nov 11)
- Re: your mail Firstname Lastname (Nov 12)
- (no subject) David R. Conrad (Nov 11)