[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#182886: libc6: local hostnames containing a dot get forwarded outside when doing host-lookups.

Package: libc6
Version: 2.2.5-11.2
Severity: normal
Tags: security

When having a resolv.conv with a line

search subdomain.domain.tld domain.tld

and doing a hostlookup, for example by

ping host.anothersubdomain

it sends dns-requests for


instead of a correct


thus not only causing unnecessary traffic for
the root-dns-servers but broadcasts informations
to the outside and makes man-in-the-middle
attacks possible. (Or better to say: It makes
places outside the local net to be in the "middle", 
for connections, one had never guessed this)

Using "normal" severity instead of "critical" as
the additional attack parts opened up by this
security hole should only be relevant in quite
large organisations under special circumstances
and from a place other attacks might also be

With respect to responsivity of computers with
far away nameserver, a fix may also need to
let the user switch between theese behaviours,
(though the secure one should be default or
 prominently described)

	Bernhard R. Link

-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux pcpool09 2.2.20 #1 Fri May 3 12:42:31 CEST 2002 i586
Locale: LANG=de_DE@euro, LC_CTYPE=de_DE

Reply to: