Vulnerability Development mailing list archives

BIND infoleak bug details?


From: gov-boi <gov-boi () HACK CO ZA>
Date: Thu, 1 Feb 2001 23:58:16 +0200

Synopsis: We have a working BIND TSIG exploit that we're looking for a
little help to improve.

The NAI advisory on the BIND TSIG bug states that:

``The "infoleak" bug, discovered by Claudio Musmarra, and described in
  CERT advisory CA-2001-02, permits an attacker to remotely retrieve stack
  frames from named''

Then, according to ISC:
   http://www.isc.org/products/BIND/bind-security.html
   ``It is possible to construct an inverse query that allows the stack to
     be read remotely exposing environment variables.''

Does anyone have details of the exact specifics of this vulnerability, or
exactly what type of malformed iquery will trigger this bug? The CERT
advisory, as usual, is completely useless.

- anathema / anathema () box co uk

