By Cory Doctorow at 1:50 pm Sun, Aug 26, 2012
So basically the issue is that if you fire up a web service that do DNS lookups for you (i’ll stick to nslookup or dig, thanks), said service may not bother to sanity check the response before mixing it with the result display template. I do wonder how much DNSSEC affects this.
It’s whether the same exploit can be used in REVERSE DNS lookups that has the discovered concerned, as that would open practically any web server to badness. I think his secondary concern of SQL injections is interesting but less likely to cause any real mischief.
The response would still have to hit a html engine somehow to be effective tho, right?
That’s like complaining about C. Or web browsers. Or Java applets. Or Flash. Or your computer, for that matter.
They’re all just a bunch of tools.
Hammer and nails, what terrible things will they do next?
security short web theory
Submit a tip
The rules you agree to by using this website.
Who will be eaten first?
Jason Weisberger, Publisher
Ken Snider, Sysadmin