CVE-2008-1447 v. glibc
Bojan Smojver
bojan at rexursive.com
Wed Jul 9 07:00:00 UTC 2008
Tom Lane <tgl <at> redhat.com> writes:
> The normal configuration for a stub resolver is that it's only pointed
> to locally-controlled caching servers; so long as you've fixed those
> servers, you should be safe AFAICS.
I'm not so much worried about my own configuration, but that of a random Fedora
installation, that may be pointing to caching servers that are not locally
controlled (e.g. that of ISP). That CERT VU#800113 talks about patching of stub
resolvers:
"Stub resolvers that will issue queries in response to attacker behavior, and
may receive packets from an attacker, should be patched."
So, it's more a general question about glibc and this CVE.
--
Bojan
More information about the devel
mailing list