BIND 10 #2924: source address of notify response should be checked
BIND 10 Development
do-not-reply at isc.org
Mon Apr 22 21:42:53 UTC 2013
#2924: source address of notify response should be checked
--------------------------------------+----------------------------------
Reporter: jinmei | Owner:
Type: defect | Status: new
Priority: medium | Milestone: New Tasks
Component: xfrout | Keywords:
CVSS Scoring: | Sensitive: 0
Defect Severity: N/A | Sub-Project: DNS
Feature Depending on Ticket: | Estimated Difficulty: 0
Add Hours to Ticket: 0 | Total Hours: 0
Internal?: 0 |
--------------------------------------+----------------------------------
`isc.notify.notify_out._get_notify_reply()` doesn't check if the
source address of the message is identical to the expected one.
As far as I can see this is not a connected socket, so it's possible
to receive data from an unintended source. It should check the
address, and if it's different it should keep waiting (not resending a
new one).
--
Ticket URL: <http://bind10.isc.org/ticket/2924>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list