Deprecated: Function set_magic_quotes_runtime() is deprecated in /membri/cyberstorm/phpBB3/common.php on line 106
Neptune354 • View topic - dnsmasq 2.22 DNS vulnerability




Neptune354


SORRY GUYS; DUE TO A BIG AMOUNT OF SPAM I HAVE BLOCKED ALL THE FORUM ACTIVITY :-/
It is currently 01 Dec 2022, 05:30

All times are UTC + 1 hour [ DST ]





Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 2 posts ] 
Author Message
 Post subject: dnsmasq 2.22 DNS vulnerability
PostPosted: 16 Aug 2008, 15:20 
Offline
 Profile

Joined: 16 Aug 2008, 15:15
Posts: 1
The dnsmasq 2.22 included in Neptune354 v0.2 is vulnerable to the DNS attacks recently reported.

Is there any chance of a new version of Neptune354 incorporating the latest version of dnsmasq, 2.45, which is safe?


Top
 

 Post subject: Re: dnsmasq 2.22 DNS vulnerability
PostPosted: 16 Aug 2008, 22:19 
Offline
 Profile

Joined: 07 Apr 2008, 22:59
Posts: 9
It needn't be a particularly high priority as dnsmasq isn't a recursive resolver, meaning that if your selected upstream DNS (usually your ISP) is patched then the attack as proposed doesn't work, other attacks might be possible but they appear to be much more unlikely to work. Applying an effective patch requires more than just installing the dnsmasq update - it is also necessary to examine what effect the NAT operation will have on the port numbering.

I will look into it eventually but it isn't top of my TODO list.


Top
 

Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 2 posts ] 

All times are UTC + 1 hour [ DST ]



Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group  
Design By Poker Bandits