From owner-freebsd-security  Wed Jun 26  8:43:59 2002
Delivered-To: freebsd-security@freebsd.org
Received: from math.teaser.net (math.teaser.net [213.91.2.4])
	by hub.freebsd.org (Postfix) with ESMTP id 8D9F137B9EF
	for <freebsd-security@freebsd.org>; Wed, 26 Jun 2002 08:39:56 -0700 (PDT)
Received: from roadrunner.rominet.net (ATuileries-109-1-2-231.abo.wanadoo.fr [80.13.122.231])
	by math.teaser.net (Postfix) with ESMTP id AE3A26C828
	for <freebsd-security@freebsd.org>; Wed, 26 Jun 2002 17:39:55 +0200 (CEST)
Received: by roadrunner.rominet.net (Postfix, from userid 1000)
	id D2017814A; Wed, 26 Jun 2002 17:39:54 +0200 (CEST)
Date: Wed, 26 Jun 2002 17:39:54 +0200
From: Alain Thivillon <at@rominet.net>
To: freebsd-security@freebsd.org
Subject: Re: bsd libc dns resolving code vulnerable?
Message-ID: <20020626153954.GL9492@roadrunner.rominet.net>
References: <20020626165034.Q35146-100000@gwdu60.gwdg.de> <20020626152832.GE65700@madman.nectar.cc>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20020626152832.GE65700@madman.nectar.cc>
User-Agent: Mutt/1.3.24i
X-Organization: Rominet Networks Inc.
X-Operating-System: FreeBSD 4.6-RC
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

> > http://www.pine.nl/advisories/pine-cert-20020601.txt
> > 
> > Any comments?
> 
> Fixed in -CURRENT, RELENG_4, and RELENG_4_6 early this morning.  I
> believe Warner is fixing RELENG_4_5 at the moment.  When that is done,
> an advisory will be published.
> 
> In short: upgrade.  Be sure to recompile any statically linked
> applications that use DNS.

Do you know if using a local caching name server will prevent
exploitation ? In short, does for example bind filters the responses
leading to an overflow ? In this case, i will classify this to
non-critical bug, because if someone has root access to your nameserver,
you are in trouble, even without overflow in libc.



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message