dnsmasq (http://www.thekelleys.org.uk/dnsmasq/doc.html), a popular DHCP
and DNS forwarder and cache server used on many DSL/Cable routers, now
has a simple DNS Rebinding protection mechanism. When executed with the
--stop-dns-rebind option the DNS resolver in dnsmasq will filter out
private IP addresses (127.0.0.0/8, 192.168.0.0/16, 10.0.0.0/8,
172.16.0.0/12 and 169.254.0.0/16). This should be sufficient for most
private/home users.
Feedback welcome.
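
The filtering rule described in the post above, written out as an added example. This is not dnsmasq's own code: it only models the five listed IPv4 ranges, and the record tuple shape, the name rebind.example.test and the sample addresses are constructed for illustration.

```python
import ipaddress

# The five IPv4 ranges the post lists for --stop-dns-rebind.
FILTERED_RANGES = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "192.168.0.0/16", "10.0.0.0/8",
    "172.16.0.0/12", "169.254.0.0/16",
)]


def is_filtered(address):
    """True if the address falls in one of the listed ranges."""
    ip = ipaddress.ip_address(address)
    # An IPv6 address is never "in" an IPv4 network, so it returns False here.
    return any(ip in net for net in FILTERED_RANGES)


def filter_answers(answers):
    """Split upstream answers into (forwarded, dropped).

    answers: list of (name, rtype, value) tuples (hypothetical record shape).
    Only A records are inspected; every other type is forwarded untouched.
    """
    forwarded, dropped = [], []
    for name, rtype, value in answers:
        if rtype == "A" and is_filtered(value):
            dropped.append((name, rtype, value))
        else:
            forwarded.append((name, rtype, value))
    return forwarded, dropped


# Constructed sample: one external name answered with a public address,
# then with a local-network address, then with two boundary cases.
SAMPLE_RESPONSES = [
    [("rebind.example.test", "A", "203.0.113.10")],
    [("rebind.example.test", "A", "192.168.1.1")],
    [("rebind.example.test", "A", "172.32.0.1"),   # just outside 172.16.0.0/12
     ("rebind.example.test", "AAAA", "::1")],      # not in the listed ranges
]

if __name__ == "__main__":
    for response in SAMPLE_RESPONSES:
        forwarded, dropped = filter_answers(response)
        for record in dropped:
            print("dropped possible rebind answer:", record)
        print("forwarded:", forwarded)
```

In this model, anything outside the five listed ranges is forwarded, including the AAAA answer for ::1 in the last sample response.
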
Synopsis
========
Multiple errors in CUPS might allow for the remote execution of
arbitrary code or DNS rebinding attacks.

Background
==========
CUPS, the Common Unix Printing System, is a full-featured print server.
discovered a flaw occurring when interpreting HTTP response headers
(CVE-2008-4818).
* Nathan McFeters and Rob Carter of Ernst and Young's Advanced
Security Center are credited for finding an unspecified vulnerability
facilitating DNS rebinding attacks (CVE-2008-4819).
* When used in a Mozilla browser, Adobe Flash Player does not
properly interpret jar: URLs, according to a report by Gregory
Fleischer of pseudo-flaw.net (CVE-2008-4821).
* Jesse Michael and Thomas Biege reported that Flash does not
correctly set memory permissions (CVE-2007-6246).
* Dan Boneh, Adam Barth, Andrew Bortz, Collin Jackson, and Weidong
Shao reported that Flash does not pin DNS hostnames to a single IP
address, allowing for DNS rebinding attacks (CVE-2007-5275).
* David Neu reported an error within the implementation of the
Socket and XMLSocket ActionScript 3 classes (CVE-2007-4324).
* Toshiharu Sugiyama reported that Flash does not sufficiently
restrict the interpretation and usage of cross-domain policy files
(CVE-2007-6243).
* The Stanford University and Ernst and Young's Advanced Security
Center reported that Flash does not pin DNS hostnames to a single IP
address, allowing for DNS rebinding attacks (CVE-2007-5275,
CVE-2008-1655).
* The Google Security Team and Minded Security reported
multiple cross-site scripting vulnerabilities when passing input to
Flash functions (CVE-2007-6637).
applets to escalate their privileges (CVE-2007-5689).
* Billy Rios, Dan Boneh, Collin Jackson, Adam Barth, Andrew Bortz,
Weidong Shao, and David Byrne discovered multiple instances where
Java applets or JavaScript programs run within browsers do not pin
DNS hostnames to a single IP address, allowing for DNS rebinding
attacks (CVE-2007-5232, CVE-2007-5273, CVE-2007-5274).
* Peter Csepely reported that Java Web Start does not properly
enforce access restrictions for untrusted applications
(CVE-2007-5237, CVE-2007-5238).