[Date Prev][Date Next]
Re: (ITS#3642) back-dnssrv may cause assertion to fail
As potential DoS attacks are not considered "major security"
issues, I now make this report public.
At 01:00 PM 4/8/2005, email@example.com wrote:
>Full_Name: Pierangelo Masarati
>OS: Linux (whitebox)
>Submission from: (NULL) (18.104.22.168)
>Note: I've marked this as a security issue because it can potentially cause a
>denial of service for those that use DNSSRV. A quick fix is to disable the
>service; a cleaner solution consists in applying the simple fix I'm indicating
>A sr_ref is not cleared after sending a referral; this for instance may cause
>and assert() to fail in slapd, with subsequent abort(). The problem doesn't
>appear with searches, but may appear with other operations, like compare.
>Moreover, multiple results are being returned, because dnssrv_back_referrals()
>is returning 0 (success) instead of 10 (referral) after correctly processing the
>referral. This is also occurring with searches.
>A fix is in HEAD:
>i.e. back-dnssrv/referral.c 1.20 -> 1.22
>the very same fix can be applied to 2.2 and 2.3.