[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] [bugtraq] Re: CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning

To: ganbold@xxxxxxxxxxxxx (Ganbold)
Subject: Re: [Full-disclosure] [bugtraq] Re: CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning
From: "Tuc at T-B-O-H.NET" <ml@xxxxxxxxxxx>
Date: Fri, 25 Jul 2008 16:09:07 -0400 (EDT)

> 
> On FreeBSD 7.0-STABLE (updated on Fri May 23) it fails to create raw 
> socket even when running as root:
> ...
> [-] This module is configured to use a raw IP socket. On Unix systems, 
> only the root user is allowed to create raw sockets.Please run the 
> framework as root to use this module.
>  
> [*] Attempting to inject poison records for example.com.'s nameservers 
> into 202.72.241.4:55088...
> [-] Auxiliary failed: undefined method `sendto' for nil:NilClass
> 
        Thats a known issue. May be on any *BSD system, not sure 
about Windows. The authors were alerted, but don't have a time to 
resolution set. I guess Linux is the default of the hack platform. ;)

                Tuc/TBOH

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- Re: [Full-disclosure] CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit
  - From: Ganbold

Prev by Date: Re: [Full-disclosure] Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows
Next by Date: [Full-disclosure] ZDI-08-045: Apple Safari StyleSheet ownerNode Heap Corruption Vulnerability
Previous by thread: Re: [Full-disclosure] Re : CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit
Next by thread: [Full-disclosure] CAU-EX-2008-0003: Kaminsky DNS Cache Poisoning Flaw Exploit for Domains
Index(es):
- Date
- Thread