[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: CVE-2008-1447 v. glibc



Tom Lane <tgl <at> redhat.com> writes:

> The normal configuration for a stub resolver is that it's only pointed
> to locally-controlled caching servers; so long as you've fixed those
> servers, you should be safe AFAICS.

I'm not so much worried about my own configuration, but that of a random Fedora
installation, that may be pointing to caching servers that are not locally
controlled (e.g. that of ISP). That CERT VU#800113 talks about patching of stub
resolvers:

"Stub resolvers that will issue queries in response to attacker behavior, and
may receive packets from an attacker, should be patched."

So, it's more a general question about glibc and this CVE.

--
Bojan





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]