Re: getaddrinfo NXDOMAIN exploit - please test on CentOS 6 64-bit

On 4/2/2012 6:53 PM, John Nagle wrote: On 4/1/2012 1:41 PM, John Nagle wrote: On 4/1/2012 9:26 AM, Michael Torrie wrote: On 03/31/2012 04:58 PM, John Nagle wrote: Removed all "search" and "domain" entries from /etc/resolve.conf It's a design bug in glibc. I just submitted a bug report. ht

Re: getaddrinfo NXDOMAIN exploit - please test on CentOS 6 64-bit

On 4/1/2012 1:41 PM, John Nagle wrote: On 4/1/2012 9:26 AM, Michael Torrie wrote: On 03/31/2012 04:58 PM, John Nagle wrote: Removed all "search" and "domain" entries from /etc/resolve.conf It's a design bug in glibc. I just submitted a bug report. http://sourceware.org/bugzilla/show_bug.cg

Re: [OT] getaddrinfo NXDOMAIN exploit - please test on CentOS 6 64-bit

On 4/1/2012 9:26 AM, Michael Torrie wrote: On 03/31/2012 04:58 PM, John Nagle wrote: If you can make this happen, report back the CentOS version and the library version, please. CentOS release 6.2 (Final) glibc-2.12-1.47.el6_2.9.x86_64 example does not ping example.com does not resolve to exa

Re: [OT] getaddrinfo NXDOMAIN exploit - please test on CentOS 6 64-bit

On 03/31/2012 04:58 PM, John Nagle wrote: > If you can make this happen, report back the CentOS version and > the library version, please. CentOS release 6.2 (Final) glibc-2.12-1.47.el6_2.9.x86_64 example does not ping example.com does not resolve to example.com.com Removed all "search" and "dom

Re: getaddrinfo NXDOMAIN exploit - please test on CentOS 6 64-bit

Am 01.04.2012 06:31 schrieb John Nagle: In any case, this seems more appropriate for a Linux or a CentOS newsgroup/mailing list than a Python one. Please do not reply to this post in comp.lang.python. -o I expected that some noob would have a reply like that. You are unable to provide appro

Re: getaddrinfo NXDOMAIN exploit - please test on CentOS 6 64-bit

On 3/31/2012 9:26 PM, Owen Jacobson wrote: On 2012-03-31 22:58:45 +, John Nagle said: Some versions of CentOS 6 seem to have a potential getaddrinfo exploit. See To test, try this from a command line: ping example If it fails, good. If it returns pings from "example.com", bad. The getadd

Re: getaddrinfo NXDOMAIN exploit - please test on CentOS 6 64-bit

On 2012-03-31 22:58:45 +, John Nagle said: Some versions of CentOS 6 seem to have a potential getaddrinfo exploit. See To test, try this from a command line: ping example If it fails, good. If it returns pings from "example.com", bad. The getaddrinfo code is adding ".com" to

getaddrinfo NXDOMAIN exploit - please test on CentOS 6 64-bit

Some versions of CentOS 6 seem to have a potential getaddrinfo exploit. See To test, try this from a command line: ping example If it fails, good. If it returns pings from "example.com", bad. The getaddrinfo code is adding ".com" to the domain. If that returns pings, please try