From owner-freebsd-security  Wed Jun 26  9: 7:16 2002
Delivered-To: freebsd-security@freebsd.org
Received: from gw.nectar.cc (gw.nectar.cc [208.42.49.153])
	by hub.freebsd.org (Postfix) with ESMTP id 577C037B400
	for <freebsd-security@freebsd.org>; Wed, 26 Jun 2002 09:07:08 -0700 (PDT)
Received: from madman.nectar.cc (madman.nectar.cc [10.0.1.111])
	by gw.nectar.cc (Postfix) with ESMTP
	id D131D23; Wed, 26 Jun 2002 11:07:07 -0500 (CDT)
Received: from madman.nectar.cc (localhost [IPv6:::1])
	by madman.nectar.cc (8.12.3/8.12.3) with ESMTP id g5QG77sE072941;
	Wed, 26 Jun 2002 11:07:07 -0500 (CDT)
	(envelope-from nectar@madman.nectar.cc)
Received: (from nectar@localhost)
	by madman.nectar.cc (8.12.3/8.12.3/Submit) id g5QG76r9072940;
	Wed, 26 Jun 2002 11:07:06 -0500 (CDT)
Date: Wed, 26 Jun 2002 11:07:06 -0500
From: "Jacques A. Vidrine" <nectar@freebsd.org>
To: Alain Thivillon <at@rominet.net>
Cc: freebsd-security@freebsd.org
Subject: Re: bsd libc dns resolving code vulnerable?
Message-ID: <20020626160706.GC72438@madman.nectar.cc>
Mail-Followup-To: "Jacques A. Vidrine" <nectar@FreeBSD.org>,
	Alain Thivillon <at@rominet.net>, freebsd-security@freebsd.org
References: <20020626165034.Q35146-100000@gwdu60.gwdg.de> <20020626152832.GE65700@madman.nectar.cc> <20020626153954.GL9492@roadrunner.rominet.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20020626153954.GL9492@roadrunner.rominet.net>
User-Agent: Mutt/1.4i
X-Url: http://www.nectar.cc/
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Wed, Jun 26, 2002 at 05:39:54PM +0200, Alain Thivillon wrote:

To be clear, we're not certain that it /is/ exploitable.  However,
the only safe thing to do is assume that it is.

> Do you know if using a local caching name server will prevent
> exploitation ? 

I'm afraid I don't know.  It depends upon whether the name server
rejects or cleans responses.  And it would have to be local, as
in localhost.

Cheers,
-- 
Jacques A. Vidrine <n@nectar.cc>                 http://www.nectar.cc/
NTT/Verio SME          .     FreeBSD UNIX     .       Heimdal Kerberos
jvidrine@verio.net     .  nectar@FreeBSD.org  .          nectar@kth.se

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message