[90134] in North American Network Operators' Group
[Fwd: [Full-disclosure] NISCC DNS Protocol Vulnerability]
daemon@ATHENA.MIT.EDU (Gadi Evron)
Mon May 1 15:54:37 2006
Date: Mon, 01 May 2006 22:51:19 +0200
From: Gadi Evron <ge@linuxbox.org>
To: nanog list <nanog@merit.edu>
Errors-To: owner-nanog@merit.edu
This is a multi-part message in MIME format.
--------------080707040200090405020500
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
As an FYI, seems serious.
No real or any details yet. Like a friend said, you can guess where to
look for it yourselves but this release is rather useless until more
details are given.
Attached is the message from FD.
Gadi.
--
/~\ The Green
\ / Ribbon Campaign
X Against Purple
/ \ Ribbons! -- "The Geometry of Shadows", Babylon 5.
--------------080707040200090405020500
Content-Type: message/rfc822;
name="[Full-disclosure] NISCC DNS Protocol Vulnerability"
Content-Transfer-Encoding: 8bit
Content-Disposition: inline;
filename="[Full-disclosure] NISCC DNS Protocol Vulnerability"
X-Account-Key: account4
Return-Path: <full-disclosure-bounces@lists.grok.org.uk>
Delivered-To: ge@egotistical.reprehensible.net
Received: (qmail 79432 invoked from network); 29 Apr 2006 00:47:09 -0000
Received: from lists.grok.org.uk (195.184.125.51)
by lasziv.reprehensible.net with SMTP; 29 Apr 2006 00:47:09 -0000
Received: from lists.grok.org.uk (localhost [127.0.0.1])
by lists.grok.org.uk (Postfix) with ESMTP id A4E412AA;
Sat, 29 Apr 2006 01:46:50 +0100 (BST)
X-Original-To: full-disclosure@lists.grok.org.uk
Delivered-To: full-disclosure@lists.grok.org.uk
Received: from gw01.mail.saunalahti.fi (gw01.mail.saunalahti.fi
[195.197.172.115])
by lists.grok.org.uk (Postfix) with ESMTP id 71F7419B
for <full-disclosure@lists.grok.org.uk>;
Fri, 28 Apr 2006 20:58:50 +0100 (BST)
Received: from [192.168.1.101] (GMMMCCCVI.dsl.saunalahti.fi [85.76.244.207])
by gw01.mail.saunalahti.fi (Postfix) with ESMTP id AAAB811C0C3
for <full-disclosure@lists.grok.org.uk>;
Fri, 28 Apr 2006 22:58:49 +0300 (EEST)
Message-ID: <44527409.6030109@katsokotisivuilta.ni>
Date: Fri, 28 Apr 2006 22:59:05 +0300
From: Markus Jansson <seemyhomepage@katsokotisivuilta.ni>
Organization: www.markusjansson.net
User-Agent: Thunderbird 1.5 (Windows/20051201)
MIME-Version: 1.0
To: full-disclosure@lists.grok.org.uk
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: 8bit
X-Mailman-Approved-At: Sat, 29 Apr 2006 01:46:43 +0100
Subject: [Full-disclosure] NISCC DNS Protocol Vulnerability
X-BeenThere: full-disclosure@lists.grok.org.uk
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: An unmoderated mailing list for the discussion of security issues
<full-disclosure.lists.grok.org.uk>
List-Unsubscribe: <https://lists.grok.org.uk/mailman/listinfo/full-disclosure>,
<mailto:full-disclosure-request@lists.grok.org.uk?subject=unsubscribe>
List-Archive: <http://lists.grok.org.uk/pipermail/full-disclosure>
List-Post: <mailto:full-disclosure@lists.grok.org.uk>
List-Help: <mailto:full-disclosure-request@lists.grok.org.uk?subject=help>
List-Subscribe: <https://lists.grok.org.uk/mailman/listinfo/full-disclosure>,
<mailto:full-disclosure-request@lists.grok.org.uk?subject=subscribe>
Sender: full-disclosure-bounces@lists.grok.org.uk
Errors-To: full-disclosure-bounces@lists.grok.org.uk
http://www.niscc.gov.uk/niscc/vulnAdv-en.html
"The vulnerabilities described in this advisory affect implementations
of the Domain Name System (DNS) protocol. Many vendors include support
for this protocol in their products and may be impacted to varying
degrees, if at all."
"Impact:
..DoS...memory corruption...stack corruption...buffer overflow exploits"
"Vendors affected:
Cisco, Delegate, Ethereal, Hitachi, ISC, Juniper Networks, MyDNS, pdnsd,
Sun, Wind River & Microsoft"
Whole stuff in .pdf format
http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en
--
My computer security & privacy related homepage
http://www.markusjansson.net
Use HushTools or GnuPG/PGP to encrypt any email
before sending it to me to protect our privacy.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--------------080707040200090405020500--