[dns-operations] CVE-2015-7547: glibc getaddrinfo buffer overflow

Andrew Boling aboling at gmail.com
Sun Mar 6 19:19:32 UTC 2016


On Fri, Mar 4, 2016 at 9:20 AM, Mark Jeftovic <markjr at easydns.com> wrote:

>
> Has this bug been given some cool name like "heartbleed" or "poodle" or
> does that happen if an actual exploit surfaces?
>
>
At my place of employment, many have been calling it "GHOST 2", "GHOST: The
[Redux/Sequel/etc.]", and so on. It's not an accurate label as the exploit
exists in the nss_dns module, but it gets the point across faster to
business people.

I guess you could call this an endorsement of why *not* to call it that in
a publication... ;)


>
> On 2016-02-23 3:42 PM, Florian Weimer wrote:
> > * Brian Hartvigsen:
> >
> >> (For me this is also an issue with the disclosure, we want to protect
> >> people from being exploited obviously, but the initial posting didn’t
> >> give a ton of information on what an actual attack could/would look
> >> like.
> >
> > We were pretty sure that there was no effective recursor-side
> > mitigation of unknown attacks, without resorting to
> > non-protocol-compliant hacks.  This has not changed.
> >
> > I expect that it will be relatively straightforward to filter concrete
> > attacks (if they ever happen), with the usual whack-a-mole approach,
> > as they pass through the DNS hierarchy.  Of course, this does not
> > apply to exploitation by on-path or blind-spoofing attackers,
> > bypassing the DNS hierarchy.
> >
> > _______________________________________________
> > dns-operations mailing list
> > dns-operations at lists.dns-oarc.net
> > https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> > dns-jobs mailing list
> > https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
> >
>
> --
> Mark Jeftovic, Founder & CEO, easyDNS Technologies Inc.
> Company Website: http://easydns.com
> Read my blog: http://markable.com
> +1-416-535-8672 ext 225