[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Re: Re: ntpd stack evasion exploit

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Re: Re: ntpd stack evasion exploit
From: "Dave Korn" <davek_throwaway@xxxxxxxxxxx>
Date: Thu, 12 Jan 2006 14:40:32 -0000

Valdis.Kletnieks@xxxxxx wrote in 
news:200601112011.k0BKBoTR026743@xxxxxxxxxxxxxxxxxxxxxxx
>On Wed, 11 Jan 2006 19:01:09 GMT, Dave Korn said:
>
>> George A. Theall wrote in news:20060111013853.GA2756@xxxxxxxxxxxx
>>
>>>At least the original poster didn't offer up any hostnames.
>>
>>   Well, apart from this one:
>>
>>>Original-Received: from p3fed1.frb.org (p3fed1.frb.org [199.169.208.132])
>
>Any bets as to whether any of the 3 DNS servers will allow a AXFR of either
>the forward or PTR zones?


  I thought of that, but have to admit that I didn't quite have the bottle 
to check from a traceable ip address!


    cheers,
      DaveK
-- 
Can't think of a witty .sigline today.... 



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- Re: [Full-disclosure] ntpd stack evasion exploit
  - From: ad@xxxxxxxxxxxxxxxx
- Re: [Full-disclosure] ntpd stack evasion exploit
  - From: Sean Crawford
- Re: [Full-disclosure] ntpd stack evasion exploit
  - From: George A. Theall
- [Full-disclosure] Re: ntpd stack evasion exploit
  - From: Dave Korn
- Re: [Full-disclosure] Re: ntpd stack evasion exploit
  - From: Valdis . Kletnieks

Prev by Date: [Full-disclosure] [SECURITY] [DSA 938-1] New koffice packages fix arbitrary code execution
Next by Date: [Full-disclosure] Re: [EEYEB-20051117B] Apple iTunes (QuickTime.qts)Heap Overflow
Previous by thread: Re: [Full-disclosure] Re: ntpd stack evasion exploit
Next by thread: Re: [Full-disclosure] ntpd stack evasion exploit
Index(es):
- Date
- Thread