|
|
Re: CERT Advisory CA-2003-01 Buffer Overflows in ISC DHCPD Minires Library: msg#00290network.dhcp.isc.dhcp-server
*** From dhcp-server -- To unsubscribe, see the end of this message. *** Josh Hicks <jhicks@xxxxxxx> writes: > *** From dhcp-server -- To unsubscribe, see the end of this message. *** > > > > Quick question: > > If I were to disable the 'NSUPDATE' feature of dhcpd, would I still be > vulnerable to the above CERT Advisory? a related question - if you ignore the client supplied hostname (i think the config params are "use-host-decl-names on" & "ignore client-updates") but still do ddns, are you still at risk? i've read the release and it seems to imply that if you pass the client supplied hostname to the dynamic dns subsystem, you are vulnerable. thanks, jeff ----------------------------------------------------------------------- List Archives : http://www.isc.org/ml-archives/dhcp-server/ Unsubscribe : http://www.isc.org/dhcp-lists.html -or- : mailto:dhcp-server-request@xxxxxxx?Subject=unsubscribe ----------------------------------------------------------------------- |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | CERT Advisory CA-2003-01 Buffer Overflows in ISC DHCPD Minires Library: 00290, Josh Hicks |
|---|---|
| Next by Date: | dhcpd and cygwin: 00290, Phillipe Valle |
| Previous by Thread: | CERT Advisory CA-2003-01 Buffer Overflows in ISC DHCPD Minires Libraryi: 00290, Josh Hicks |
| Next by Thread: | dhcpd and cygwin: 00290, Phillipe Valle |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
| News | FAQ | advertise |