Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 03 Apr 2013 17:07:58 +0200
From: Florian Weimer <fweimer@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE Request: glibc getaddrinfo() stack overflow

On 04/03/2013 04:55 PM, Sebastian Krahmer wrote:

> glibc resolver surprisingly seems to accept indeed larger
> UDP packets than DNS servers would send without EDNS0.
> But depending on setup its probably hard to get such large
> packets through your local recursive DNS, not to speak
> about the firewall. Maybe its possible to signal truncation
> and force a TCP connect?

Yes, this is with the TCP transport.  With a suitably prepared zone, I 
can get up to

$ getent hosts  ... | wc -l
4093

A records (over DNS, just to be clear).

-- 
Florian Weimer / Red Hat Product Security Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ