getaddrinfo bug in glibc (CVE-2015-7547) questions?
Hello
I just about the bug. As far as I understand it's this: If you do reverse DNS lookups, and the result comes from an evil DNS server, bad things can happen. (if length > 2048) Now people are patching and rebooting. My question is if it's only the the DNS servers need fixing. If I boot with a old live cd and reverse lookup some nasty IP address, what will happen? |
It's not specifically DNS that needs patching (we're talking about an adversary exploiting what is "allowed" reply size-wise within the DNS RFCs) but any machine using an affected Glibc version that uses AF_UNSPEC-type lookups and uses unfiltered replies (doesn't say anything about the type) or receives unfiltered lookup results from other systems.
|
Ok. We have a DNS server using BIND, and as far as I understand, it's doing the actual resolving of reverse DNS lookups. Or am I incorrect?
The DNS server has been patched, but I was thinking it could maybe do the filtering of replies? A live CD gets the DNS from DHCP, so I was wondering if it was a way to protect them against this. |
Quote:
Quote:
|
All times are GMT -5. The time now is 06:38 PM. |