none
Would Linux glibc Exploit affect on those linux servers that point to a Windows DNS server? RRS feed

  • Question

  • Hi guys,

    I'm concerning if Linux glibc Exploit would affect on those linux servers that pointing to a Windows DNS server

    About Linux glibc Exploit, see.

    http://www.darknet.org.uk/2016/02/the-linux-glibc-exploit-what-you-need-to-know/

    1.Will this affect on those linux servers that point to windows DNS servers?

    Like a linux server query a name on a windows DNS server, then the windows DNS server query the name from internet, a bad DNS on the internet return a bad answer to the windows DNS server, then the windows DNS server return the bad answer to the linux. 

    2.From the link below, it's saying DNS udp packet has a max limit of 1280 byte by EDNS0, but it's for windows 2003, EDNS0 also work on windows 2008 R2, can I get a conclusion that windows 2008 R2 DNS also have a max limit of 1280 byte on UDP ports? Is there any packet limit  on tcp port?

    https://technet.microsoft.com/en-us/library/cc783893(v=ws.10).aspx

    Thank you!

    Friday, February 26, 2016 6:14 AM

Answers

  • Hi ,

    1.According your articl posted above,” the glibc DNS client (libresolv) is vulnerable to a stack-based buffer overflow when the getaddrinfo() library function is used and plenty of stuff could trigger the exploit including SSH, sudo, curl, PHP, Rails and more.”So that may cause some issues,but there is no linux environment in our labs,I do not test.

    2. Yes,there is still a  maximum UDP packet size advertised by the DNS server in Winserver 2008r2. The default value is 1,280 bytes(not a max limit). The value must be between 512 and 16,384 in decimal format (200 and 4,000 in hexadecimal format).And I don’t find a packet limit for tcp.

     

      Best Regards,

    Cartman

    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Monday, February 29, 2016 5:09 AM