[4323] in bugtraq

Re: SNI-12: BIND Vulnerabilities and Solutions

daemon@ATHENA.MIT.EDU (David Wagner)
Wed Apr 23 16:40:54 1997

Date: Wed, 23 Apr 1997 02:18:56 -0700
Reply-To: David Wagner <daw@CS.BERKELEY.EDU>
From: David Wagner <daw@CS.BERKELEY.EDU>
X-To: bugtraq@crimelab.com
To: BUGTRAQ@NETSPACE.ORG

In article <5jjnjr$b5r@joseph.cs.berkeley.edu>,
David Wagner  <daw@CS.BERKELEY.EDU> wrote:
> However, I think your patch won't fix the problem.
>
> It attempts to make the query ID unpredictable, but fails -- the "random"
> numbers it generates are still predictable (after a trivial 2^16 offline
> trials).  And the seeding is terrible -- two years ago Netscape used
> timeofday and pid to seed their PRNG, too, and look what happened to them.
>
> Tell me I'm missing something.

Allow me to partially retract my claim.  As far as I can tell the patch
works as intended on OpenBSD systems, and my concerns do not apply to
OpenBSD-based boxes.  I'd like to publicly apologize to OpenBSD and Theo
de Raadt for tarring OpenBSD with too broad a brush.

However, I still believe the patch won't fix the problem on most systems:
as far as I can tell, it won't fix the hole on systems not running OpenBSD.
The secnet advisory probably should have included a note to this effect.
