Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

[Fwd: [Full-disclosure] NISCC DNS Protocol Vulnerability]

  • From: Gadi Evron
  • Date: Mon May 01 15:55:33 2006

As an FYI, seems serious.
No real or any details yet. Like a friend said, you can guess where to look for it yourselves but this release is rather useless until more details are given.

Attached is the message from FD.

Gadi.

--
/~\ The Green
\ / Ribbon Campaign
X Against Purple
/ \ Ribbons! -- "The Geometry of Shadows", Babylon 5.
--- Begin Message --- http://www.niscc.gov.uk/niscc/vulnAdv-en.html
"The vulnerabilities described in this advisory affect implementations of the Domain Name System (DNS) protocol. Many vendors include support for this protocol in their products and may be impacted to varying degrees, if at all."

"Impact:
..DoS...memory corruption...stack corruption...buffer overflow exploits"

"Vendors affected:
Cisco, Delegate, Ethereal, Hitachi, ISC, Juniper Networks, MyDNS, pdnsd, Sun, Wind River & Microsoft"

Whole stuff in .pdf format
http://www.niscc.gov.uk/niscc/docs/re-20060425-00312.pdf?lang=en



--
My computer security & privacy related homepage
http://www.markusjansson.net
Use HushTools or GnuPG/PGP to encrypt any email
before sending it to me to protect our privacy.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


--- End Message ---



Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.