CERT advisories/CA-2002-19.html
phn at icke-reklam.ipsec.nu
phn at icke-reklam.ipsec.nu
Wed Aug 28 06:58:09 UTC 2002
There is unpleasant news from CERT regarding the resolver overflow problems.
The initial announcement manetioned that using bind-9 as resolving nameserver
would "sanitize" responses to prevent atacks. Now CERT tells us that this
is not enough.
It's unclear to me the exact circomstances where bind-9 allows
nasty responses to slip through to the resolver. Is this possible
to fix ( is there hope for an updated bind-9 that does this ) ?
Could anyone from isc comment on this ?
--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
More information about the bind-users
mailing list