North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

[Fwd: [Full-disclosure] NISCC DNS Protocol Vulnerability]

  • From: Gadi Evron
  • Date: Mon May 01 15:55:33 2006

As an FYI, seems serious.
No real or any details yet. Like a friend said, you can guess where to look for it yourselves but this release is rather useless until more details are given.

Attached is the message from FD.


/~\ The Green
\ / Ribbon Campaign
X Against Purple
/ \ Ribbons! -- "The Geometry of Shadows", Babylon 5.
--- Begin Message ---
"The vulnerabilities described in this advisory affect implementations of the Domain Name System (DNS) protocol. Many vendors include support for this protocol in their products and may be impacted to varying degrees, if at all."

..DoS...memory corruption...stack corruption...buffer overflow exploits"

"Vendors affected:
Cisco, Delegate, Ethereal, Hitachi, ISC, Juniper Networks, MyDNS, pdnsd, Sun, Wind River & Microsoft"

Whole stuff in .pdf format

My computer security & privacy related homepage
Use HushTools or GnuPG/PGP to encrypt any email
before sending it to me to protect our privacy.

Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia -

--- End Message ---