2 matches found
[SECURITY] Fedora 19 Update: ndjbdns-1.06-1.fc19
New djbdns: is a usable fork of djbdns. djbdns' is a Domain Name System originally written by the eminent author of Qmail, Dr D. J. Bernstein. This new version of djbdns is a complete makeover to the original sourcedjbdns-1.05 and is meant to make life a lot more pleasant. The notable changes so...
djbdns超长响应报文远程缓存中毒漏洞
BUGTRAQ ID: 33937 djbdns是一个由Qmail的作者所设计的轻量级DNS server。 djbdns的response.c文件负责处理名称压缩。该文件12行对nameptr数组有each 16384的标注,但responseaddname没有强制这个限制。如果用户向报文中编码的名称中第一个后缀大于或等于16384字节的话,responseaddname就会错误的编码到名称的偏移,生成畸形的响应报文。这种响应报文会给查询用户误导性信息,有助于攻击者执行中间人等网络欺骗攻击。 D. J. Bernstein djbdns 1.05 厂商补丁: D. J. Bernste...