[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: CVE-2008-1447 v. glibc



Adam Tkac <atkac redhat com> writes:

> In my opinion endpoint stub resolvers are not so vulnerable. If you want
> spoof DNS data to resolver you have to force that resolver to
> send query for name that you know

This part is generally not a problem. I can think of several ways to
achieve that, and I am sure that there are minds more devious than
mine.


/Benny



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]