[dns-operations] ShellShock exploit through the DNS
paul at redbarn.org
Sat Oct 18 20:09:52 UTC 2014
On October 18, 2014 4:06:07 PM EDT, Florian Weimer <fw at deneb.enyo.de> wrote:
>Red Hat Enterprise Linux does not have this vector. It uses the
>regular glibc resolver, which is based on the old BIND stub resolver,
>and this code has both escaping from wire format to the textual
>representation (which destroys the magic pattern) and the res_hnok
>check (which rejects shell meta-characters).
Wow. That code has been hugely unpopular but it turns out there may have been a pont to it other than protecting sendmail qf files back in 1995. Thanks for sharing.
What about getnameinfo and getaddrinfo?
Sent from my Android device with K-9 Mail. Please excuse my brevity.
More information about the dns-operations