Re: FWD: CVE-request: systemd-resolved DNS cache poisoning
Hi.
On Wed, Nov 12, 2014 at 02:22:06PM -0200, Martinx - ジェームズ wrote:
> Guys,
>
> This worth to be read:
>
> http://seclists.org/oss-sec/2014/q4/592
The link says:
systemd-resolved contains a caching resolver, which has to be enabled
via /etc/nsswitch.conf in order to be integrated.
So, disable offending DNS cache (if it's enabled), install conventional
nscd, problem solved.
And, according to CVE database, that's eighth vulnerability in systemd
suite. Not that much given systemd's lifetime.
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=systemd
Reco
Reply to: