Date: Sat, 13 Mar 1999 05:25:13 -0800 (PST) From: Jesse <j@lumiere.net> To: freebsd-security@freebsd.org Subject: bind 8.1.2 cache poisoning Message-ID: <Pine.BSF.4.05.9903130520380.7303-100000@leaf.lumiere.net>
next in thread | raw e-mail | index | archive | help
Hi, I scanned my archives of freebsd-security and bugtraq and was surprised not to find aynthing on the topic. Sorry if I'm missing something obvious.. I run an IRC server that's part of a small network. Recently I noticed one user with a very obviously fake hostname. The user started bragging to various people about it. He said that he had inserted bogus entries into the cache of the nameserver. So I checked around and found in the Jan 99 section of rootshell an exploit which claims to insert entries into the caches of bind 8.1.2 servers (which is what I run and as far as I can tell is the latest version). If this is true, as it appears, I'm wondering why there's been no discussion of this anywhere (or any fixes). Seems pretty serious if anyone can screw with your DNS cache.. Hopefully there's some sort of configuration error on my part that allows this to happen, but I think I have a pretty normal, secure setup. Any comments? I thought I'd check here first before writing the bind maintainers. Thanks, --- Jesse <j@lumiere.net> http://www.lumiere.net/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9903130520380.7303-100000>