Bugtraq mailing list archives
Re: Fwd: tcpdump workaround against dnsloop exploit.
From: scut () NB IN-BERLIN DE (Sebastian)
Date: Sun, 7 May 2000 12:01:12 +0200
On Wed, May 03, 2000 at 05:32:26PM -0500, THE INFAMOUS wrote:
Hi,
Hi.
Here is my patch to tcpdump against the dnsloop exploit... I have really no knowledge of the DNS internals at all, so this is probably not (and this is not) the good way of preventing this.
It prevents only the "jump-on-itself" type of attack, but it leaves the decoder still vulnerable to other types of compression attacks where more than one label is involved. The only secure way is to use a label counter such as in the BIND decompression routines.
+ /* + * If we got two time the same data ptr, + * this mean we are looping. + */ + if ( cp == old) + return NULL; + old = cp;
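Review bot: the `cp == old` test only compares the current pointer with the one seen immediately before it, so a compression cycle that passes through two or more distinct positions never presents the same pointer twice in a row and the decoder still loops. Bound the traversal instead, for example by counting labels and pointer jumps and returning NULL once a fixed limit is exceeded. The hunk also does not show where `old` is declared or initialised; it has to live outside the loop body and start at a value `cp` can never take, such as NULL.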
Imagine something like:

alabel<pointer-ahead-to-b-label>blabel<pointer-to-a-label>

ciao,
scut

--
- scut () nb in-berlin de - http://nb.in-berlin.de/scut/ --- you don't need a --
-- lot of people to be great, you need a few great to be the best ------------
http://3261000594/scut/pgp - 5453 AC95 1E02 FDA7 50D2 A42D 427E 6DEF 745A 8E07
-- data in VK/USA Mayfly experienced, awaiting transfer location, hi echelon -
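The counter-based approach recommended in the reply above, as an added example (not part of the original post, and not tcpdump's or BIND's code): a name decoder that charges every label and every pointer jump against a fixed budget, so both the self-pointer and the two-label cycle terminate. `dns_expand`, `MAX_STEPS` and the sample byte arrays are constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

#define MAX_STEPS 128 /* assumed budget: a 255-byte name has at most 127 labels */

/* Constructed sample messages, not captured traffic. */
const unsigned char self_loop[] = { 0xC0, 0x00 };  /* pointer to itself */
const unsigned char two_label_loop[] = {           /* a -> b -> a ... */
    1, 'a', 0xC0, 0x04, 1, 'b', 0xC0, 0x00 };
const unsigned char good_msg[] = {                 /* "www" + ptr to "foo" */
    3, 'f', 'o', 'o', 0, 3, 'w', 'w', 'w', 0xC0, 0x00 };

/* Expand the name at msg[off] into out as dotted text.
 * Returns its length, or -1 on truncation, overflow or an exhausted budget. */
int dns_expand(const unsigned char *msg, size_t msglen, size_t off,
               char *out, size_t outlen)
{
    size_t n = 0;
    int steps;

    for (steps = 0; steps < MAX_STEPS; steps++) {
        unsigned char len;
        if (off >= msglen)
            return -1;
        len = msg[off];
        if (len == 0) {                    /* root label: name complete */
            if (n >= outlen)
                return -1;
            out[n] = '\0';
            return (int)n;
        }
        if ((len & 0xC0) == 0xC0) {        /* compression pointer */
            if (off + 1 >= msglen)
                return -1;
            off = ((size_t)(len & 0x3F) << 8) | msg[off + 1];
            continue;                      /* a jump costs one step */
        }
        if (len & 0xC0)                    /* other label types: reject */
            return -1;
        if (off + 1 + len > msglen || n + len + 2 > outlen)
            return -1;
        if (n > 0)
            out[n++] = '.';
        memcpy(out + n, msg + off + 1, len);
        n += len;
        off += 1 + (size_t)len;
    }
    return -1;                             /* budget spent: treat as a loop */
}
```

A consecutive-pointer comparison would stop `self_loop` but not `two_label_loop`; the step budget rejects both while still decoding `good_msg` at offset 5 as `www.foo`.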