BIND 10 #3114: Too large number crashes BIND 10 and stops it from being restarted
BIND 10 Development
do-not-reply at isc.org
Fri Aug 30 11:51:09 UTC 2013
#3114: Too large number crashes BIND 10 and stops it from being restarted
--------------------------------+-----------------------------------------
Reporter: cas | Owner:
Type: defect | Status: new
Priority: high | Milestone: New Tasks
Component: cmd-ctl | Resolution:
Keywords: | CVSS Scoring:
Sensitive: 0 | Defect Severity: N/A
Sub-Project: Core | Feature Depending on Ticket:
Estimated Difficulty: 0 | Add Hours to Ticket: 0
Total Hours: 0 | Internal?: 0
--------------------------------+-----------------------------------------
Comment (by cas):
Replying to [comment:5 vorner]:
> I'm not saying this should not be fixed, or something. This, surely, is
a bug and it should be fixed. I was just saying we should not be keeping
it secret, because an attacker doesn't gain anything knowing that there's
such a bug. On the other hand, a user stumbling on this by accident can
find some background and help here.
>
> The comparison with „Init shutdown“ was meant as illustrating which
level of permissions you need. If an attacker can abuse this bug, he can
also use „Init shutdown“ (both willingly).
Sorry, my misunderstanding. I was not aware of the function of the
"Sensitive" flag. I agree, there is no need to keep this a secret.
--
Ticket URL: <http://bind10.isc.org/ticket/3114#comment:6>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list