Vulnerability Development mailing list archives
CLARIFICATION: bind hack or just bein funny???
From: Chico Demetroff <chico () SUMMITPRO COM>
Date: Tue, 12 Dec 2000 10:06:47 -0500
this was the message that i sent to security focus.. *seconds* apart.. but it never showed.. :(

so, since i was so impatient about thinkin and quick to submit emails right after another. i have received some flames.. they were deserved.. becuz i was quick to write and not think..

but for the people out there that doubt that this is sploitable or damaging... and flame of its insignificance.. consider a malformed url using the unicode exploit to use tftp to download a trojan or some other malformed url that could DoS the webserver service.. it is entirely possible.. one would think that they got a link to execute against a remote machine and when it executes it executes locally.. not an "awesome" discovery but nonetheless somethin to be aware of.. respect at least that.. :)

and sorry i was typin and not thinkin.. haven't u ever looked for the pencil/pen that's in your ear??? i will watch it next time.. :)

regards.

-----Original Message-----
From: Chico Demetroff
Sent: Monday, December 11, 2000 12:29 PM
To: 'VULN-DEV () SECURITYFOCUS COM'
Subject: FW: bind hack or just bein funny???

well i need to quit and think a lil bit.. :P the dns servers r routing the dns servers ips and the 127.0.0.1 is bundled in that packet request.. so it's not the routers routing the ip 127.0.0.1.. doHH..!! maybe a restriction in bind or something??

-------------------------------
after more thought.. why r routers routing 127.0.0.1.. that's a non-routable internet ip... one could have sent a malformed url that possibly "trojaned" and/or damaged your local webserver... well just another thing to watch out for.. ;P

------------------------
www.hack.co.za put it in your browser.. do some nslookups.. u will see.. :P
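The situation the post describes (a public hostname whose DNS answer is 127.0.0.1, so a link that looks remote lands on the local web server) can be checked for before a URL is followed. This is an added example, not part of the original post; the hostnames, addresses, and the names check_url, SAMPLE_ANSWERS and LOCAL_NAMES are constructed for illustration, and the lookup table stands in for a real resolver.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample answers standing in for real DNS lookups (assumption:
# these names and addresses are illustrative, not taken from the post).
SAMPLE_ANSWERS = {
    "www.public.example": ["127.0.0.1"],
    "mixed.public.example": ["192.0.2.10", "127.0.0.53"],
    "ok.public.example": ["192.0.2.80"],
    "localhost": ["127.0.0.1"],
}

# Names that are legitimately expected to point at this machine.
LOCAL_NAMES = {"localhost"}


def loopback_answers(addresses):
    """Return the addresses that fall in 127.0.0.0/8 or are ::1."""
    return [a for a in addresses if ipaddress.ip_address(a).is_loopback]


def check_url(url, resolve=SAMPLE_ANSWERS.get):
    """Classify a URL before it is followed.

    Returns (verdict, detail); verdict is 'allow', 'block' or 'unresolved'.
    """
    host = (urlsplit(url).hostname or "").rstrip(".").lower()
    if not host:
        return ("unresolved", "no host in URL")
    try:
        # A literal IP in the URL hides nothing, so no lookup is needed.
        addresses = [str(ipaddress.ip_address(host))]
        literal = True
    except ValueError:
        addresses = resolve(host) or []
        literal = False
    if not addresses:
        return ("unresolved", host)
    hits = loopback_answers(addresses)
    # A non-local name answering with loopback is the case from the post:
    # the link reads as remote but the request goes to the local machine.
    if hits and not literal and host not in LOCAL_NAMES:
        return ("block", f"{host} resolves to loopback {hits}")
    return ("allow", host)
```

The same test can sit in a resolver or proxy policy instead of the client; extending loopback_answers to private ranges is a generalization beyond what the post discusses.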
Current thread:
- CLARIFICATION: bind hack or just bein funny??? Chico Demetroff (Dec 13)