[4328] in bugtraq


Re: SNI-12: BIND Vulnerabilities and Solutions (+ more problems)

daemon@ATHENA.MIT.EDU (Michael K. Sanders)
Thu Apr 24 02:38:07 1997

Date: 	Wed, 23 Apr 1997 23:12:33 -0600
Reply-To: "Michael K. Sanders" <msanders@AROS.NET>
From: "Michael K. Sanders" <msanders@AROS.NET>
X-To:         Johannes Erdfelt <johan@BORG.SVENTECH.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  Your message of "Wed, 23 Apr 1997 19:34:20 EDT." 
              <Pine.LNX.3.95.970422142917.16221A-100000@borg.sventech.com>

In message <Pine.LNX.3.95.970422142917.16221A-100000@borg.sventech.com>, Johannes Erdfelt writes:
>Since SNI has released that paper and stole all of the thunder out of my
>advisory, I'll post a couple of things in addition to their advisory.
>There's a couple of things in this post and it's semi long.

I don't know that I'd be too concerned about having all your thunder
stolen... I'm reminded of the 5th USENIX UNIX Security Symposium.

>There's a MUCH easier way of caching RR's. As long as the nameserver is
>older than 4.9.5+P1 which is > 90% of the net. I explained it in a paper I
>wrote last year I sent it off to Paul Vixie to get a reply (and possibly a
>patch) to the problem. The problem is basically this: BIND will cache
>ANYTHING that it gets in the return packet. This advisory was
>partially leaked to nanog and is known to have been leaked to a number
>of other people. Here it is from my original advisory (complete with
>spelling and grammar mistakes):

... so how is all of this different from Bellovin's original 1990
paper?

<URL:http://penguin.cso.uiuc.edu/~lemson/securitysymp/session7.html>
<URL:http://www.usenix.org/publications/library/proceedings/security95/bellovin.html>
