diff options
author | Kai Blin <kai@samba.org> | 2014-05-13 08:13:29 +0200 |
---|---|---|
committer | Kai Blin <kai@samba.org> | 2014-05-20 04:15:44 +0200 |
commit | 392ec4d241eb19c812cd49ff73bd32b2b09d8533 (patch) | |
tree | 0efd8aae099421ed446f939e68def422d827380b /python/uuidmodule.c | |
parent | e5649ef6ee7fe2fd333ffdce3464c45a0cf01c9f (diff) | |
download | samba-392ec4d241eb19c812cd49ff73bd32b2b09d8533.tar.gz samba-392ec4d241eb19c812cd49ff73bd32b2b09d8533.tar.xz samba-392ec4d241eb19c812cd49ff73bd32b2b09d8533.zip |
bug #10609: CVE-2014-0239 Don't reply to replies
Due to insufficient input checking, the DNS server will reply to a packet that
has the "reply" bit set. Over UDP, this allows to send a packet with a spoofed
sender address and have two servers DOS each other with circular replies.
This patch fixes bug #10609 and adds a test to make sure we don't regress.
CVE-2014-2039 has been assigned to this issue.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10609
Signed-off-by: Kai Blin <kai@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Kai Blin <kai@samba.org>
Autobuild-Date(master): Tue May 20 04:15:44 CEST 2014 on sn-devel-104
Diffstat (limited to 'python/uuidmodule.c')
0 files changed, 0 insertions, 0 deletions