Bug/Vulnerability in `Dig' in latest dnsutils/bind9

Hi everybody, Awhile back I found a bug in Dig with the combination of the '+nssearch' and '+tcp' flag. (https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/1258003) It has since been patched. I've come across another bug/vulnerability. From what I can tell, it's a null pointer bug. Using the

Re: Bug/Vulnerability in `Dig' in latest dnsutils/bind9

Hi Joshua On Tue, Oct 28, 2014 at 07:30:45PM +1100, Joshua Rogers wrote: Using the +nssearch and +tcp flags together, when looking at a domain with an ipv6 address, Dig crashes with a segmentation fault. Thank you for this bug report. I've forwarded it to our bug tracker. If you want to

Re: Bug/Vulnerability in `Dig' in latest dnsutils/bind9

Thanks. Also, this may be relevant: Fails an assertion on NetBSD, maybe this provides further insight: $ uname -a NetBSD alix.localdomain 6.1_STABLE NetBSD 6.1_STABLE (ALIXKERN) #0: Sat Oct 11 16:21:44 CEST 2014 fisted@alix.localdomain:/usr/src/sys/arch/i386/compile/ALIXKERN i386 $ dig -v

Re: Bug/Vulnerability in `Dig' in latest dnsutils/bind9

Hi Joshua On Tue, Oct 28, 2014 at 07:30:45PM +1100, Joshua Rogers wrote: I'm not sure if this is really severe enough for a CVE-ID or not, but let me know about it anyways. This crashes out almost immediately after next is assigned -1, by dereferencing *(-1) which is likely not mapped on any

양지은 부재중 자동응답: RE: bind-users Digest, Vol 1965, Issue 1

NAVER - http://www.naver.com/ 양지은(jieun.yang@navercorp...) 님은 현재 부재중입니다./br 보내신 메일 bind-users Digest, Vol 1965, Issue 1 은 저장되어 있으므로 다시 보내실 필요는 없습니다./br 양지은(jieun.yang@navercorp...) 님이 남기신 메시지 입니다. 해외 출장으로 인한

ISC KB recursive server best practices

A couple of notes and queries re. https://kb.isc.org/article/AA-00874/0/Best-Practices-for-those-running-Recursive-Servers.html RRL: I don't think this is a good idea on recursive servers; at the very least it is difficult to tune appropriately for recursive servers. Also, RRL is available as a

Resolving a single host but not the entire subdomain

With bind, is it possible to resolve example.com locally, but *. example.com by forwarding? Thanks, Akos. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org

RE: Resolving a single host but not the entire subdomain

Not on a wildcard basis, no. You could enable forwarding for specific subdomains of example.com by delegating them from the example.com zone.

Re: Resolving a single host but not the entire subdomain

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 2014-10-28 at 13:47 +0100, Akos Polster wrote: With bind, is it possible to resolve example.com locally, but *. example.com by forwarding? Does your public example.com have NS records, or are you trying to force forwarding to a name server