Vigil@nce - Squid: denial of service via DNS

August 2010 by Vigil@nce

This bulletin was written by Vigil@nce: http://vigilance.fr/

SYNTHESIS OF THE VULNERABILITY

An attacker can send DNS packets with the TC flag set, in order to stop the Squid proxy.

Severity: 1/4

Creation date: 25/08/2010

DESCRIPTION OF THE VULNERABILITY

The Squid proxy implements a DNS resolver, which queries DNS servers and analyzes their answers.

The idnsSendQuery() function in the file src/dns_internal.cc sends a DNS query. If the answer is larger than 512 bytes (TC flag set), the query is resent using TCP. However, in that case, idnsSendQuery() tries to resend the query on a closed socket. An assert() is then triggered, which stops the program.

An attacker who controls a malicious DNS server can therefore answer Squid with large packets, in order to cause a denial of service.
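
The failure mode described above, as an added example (not Squid's code and not part of the Vigil@nce bulletin): a reply handler that reads the TC bit from the DNS header and returns an error result when the descriptor needed for the retry is closed, instead of asserting. The names DnsHeader, parseDnsHeader, onUdpReply, Action and the retryFd parameter are assumptions made for the illustration, and the sample headers are constructed.

```cpp
// Added illustration; not Squid source. All names are hypothetical.
#include <cstddef>
#include <cstdint>
#include <cstdio>

struct DnsHeader { uint16_t id; bool isResponse; bool truncated; uint8_t rcode; };

// RFC 1035 section 4.1.1: 12-byte header, flags in bytes 2-3 (big-endian).
bool parseDnsHeader(const uint8_t *buf, size_t len, DnsHeader &out) {
    if (buf == nullptr || len < 12) return false;        // too short to be DNS
    const uint16_t flags = static_cast<uint16_t>((buf[2] << 8) | buf[3]);
    out.id         = static_cast<uint16_t>((buf[0] << 8) | buf[1]);
    out.isResponse = (flags & 0x8000) != 0;               // QR bit
    out.truncated  = (flags & 0x0200) != 0;               // TC bit
    out.rcode      = static_cast<uint8_t>(flags & 0x000F);
    return true;
}

enum class Action { Drop, Accept, RetryOverTcp, FailLookup };

// retryFd: descriptor the retry would be written to; -1 models "already closed".
// A closed descriptor here is reachable from network input, so it is handled
// as a failed lookup rather than checked with assert().
Action onUdpReply(const uint8_t *buf, size_t len, uint16_t expectedId, int retryFd) {
    DnsHeader h;
    if (!parseDnsHeader(buf, len, h)) return Action::Drop;
    if (!h.isResponse || h.id != expectedId) return Action::Drop;
    if (!h.truncated) return Action::Accept;
    return retryFd >= 0 ? Action::RetryOverTcp : Action::FailLookup;
}

// Constructed 12-byte headers, query ID 0x1a2b.
static const uint8_t kNormal[12]    = {0x1a, 0x2b, 0x81, 0x80, 0, 1, 0, 1, 0, 0, 0, 0};
static const uint8_t kTruncated[12] = {0x1a, 0x2b, 0x83, 0x80, 0, 1, 0, 0, 0, 0, 0, 0};

int main() {
    std::printf("normal reply        -> %d\n",
                static_cast<int>(onUdpReply(kNormal, 12, 0x1a2b, 5)));
    std::printf("TC reply, fd open   -> %d\n",
                static_cast<int>(onUdpReply(kTruncated, 12, 0x1a2b, 5)));
    std::printf("TC reply, fd closed -> %d\n",
                static_cast<int>(onUdpReply(kTruncated, 12, 0x1a2b, -1)));
    return 0;
}
```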

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/S...

