| commit | 392ec4d241eb19c812cd49ff73bd32b2b09d8533 | |
| author | Kai Blin <kai@samba.org> | |
| Tue, 13 May 2014 06:13:29 +0000 (13 08:13 +0200) | ||
| committer | Kai Blin <kai@samba.org> | |
| Tue, 20 May 2014 02:15:44 +0000 (20 04:15 +0200) | ||
| tree | 0efd8aae099421ed446f939e68def422d827380b | treesnapshot (tar.gz zip) |
| parent | e5649ef6ee7fe2fd333ffdce3464c45a0cf01c9f | commitdiff |
bug #10609: CVE-2014-0239 Don't reply to replies
Due to insufficient input checking, the DNS server will reply to a packet that
has the "reply" bit set. Over UDP, this allows to send a packet with a spoofed
sender address and have two servers DOS each other with circular replies.
This patch fixes bug #10609 and adds a test to make sure we don't regress.
CVE-2014-2039 has been assigned to this issue.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10609
Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Tue May 20 04:15:44 CEST 2014 on sn-devel-104
Due to insufficient input checking, the DNS server will reply to a packet that
has the "reply" bit set. Over UDP, this allows to send a packet with a spoofed
sender address and have two servers DOS each other with circular replies.
This patch fixes bug #10609 and adds a test to make sure we don't regress.
CVE-2014-2039 has been assigned to this issue.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10609
Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Tue May 20 04:15:44 CEST 2014 on sn-devel-104
| python/samba/tests/dns.py | diffblobblamehistory | |
| source4/dns_server/dns_server.c | diffblobblamehistory |