[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] DNS Pointer - DoS Exploit

To: Florian Weimer <fweimer@xxxxxx>
Subject: Re: [Full-disclosure] DNS Pointer - DoS Exploit
From: Srinivas Naik <naik.srinu@xxxxxxxxx>
Date: Sat, 4 Dec 2010 12:12:42 +0530

Thanks for the input Mr. Weimer

I am planning to trigger this exploit and wandering how to construct such a
packet.

Ultimate goal is to make a client request which can cause this effect. If
possible, scripting ideas would be helpful.

Cheers,
Naik

On Fri, Dec 3, 2010 at 10:22 PM, Florian Weimer <fweimer@xxxxxx> wrote:

> * Srinivas Naik:
>
> > A DNS packet with a pointer loop is a protocol anomaly which some
> programs
> > may not handle gracefully.
>
> Try this:
>
> 00 00 00 00 00 01 00 00 00 00 00 00 C0 0C
>
> --
> Florian Weimer                <fweimer@xxxxxx>
> BFK edv-consulting GmbH       http://www.bfk.de/
> Kriegsstraße 100              tel: +49-721-96201-1
> D-76133 Karlsruhe             fax: +49-721-96201-99
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] DNS Pointer - DoS Exploit
  - From: Srinivas Naik
- Re: [Full-disclosure] DNS Pointer - DoS Exploit
  - From: Florian Weimer

Prev by Date: Re: [Full-disclosure] Passive PenTesting
Next by Date: Re: [Full-disclosure] New Source Code Vulnerability Scanner (Free 30 Day Trial)
Previous by thread: Re: [Full-disclosure] DNS Pointer - DoS Exploit
Next by thread: [Full-disclosure] Security Contact at ESRI GIS?
Index(es):
- Date
- Thread