Stories
Slash Boxes
Comments

SoylentNews is people

posted by n1 on Thursday November 13 2014, @03:19AM   Printer-friendly
from the one-daemon-to-rule-them-all dept.

Whether you're running systemd happily or begrudgingly, it's best if you disable systemd-resolved as your DNS resolver for the time being. Reported today at seclists is a new DNS cache poisoning bug in systemd-resolved.

At its simplest, an attacker triggers a query to a domain he controls via SMTP or SSH-login. Upon receipt of the question, he can just add any answer he wants to have cached to the legit answer he provides for the query, e.g. providing two answer RR's: One for the question asked and one for a question that has never been asked - even if the DNS server is not authoritative for this domain.

Systemd-resolved accepts both answers and caches them. There are no reports as to the affected versions or how widespread the problem may be. Comments over at Hacker News suggests that it might not be widespread, most users would still be running the backported 208-stable while the DNS resolver was committed in 213 and considered fairly complete in 216, but that is if they enabled systemd-resolved in /etc/nsswitch.config.

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Funny) by twistedcubic on Thursday November 13 2014, @05:15AM

    by twistedcubic (929) on Thursday November 13 2014, @05:15AM (#115420)

    What are you guys complaining about so much? This is a non-issue. systemd boots so fast there is simply no time to exploit this bug :)

    Starting Score:    1  point
    Moderation   +3  
       Funny=4, Overrated=1, Total=5
    Extra 'Funny' Modifier   0  

    Total Score:   4  
  • (Score: 0) by Anonymous Coward on Thursday November 13 2014, @05:35AM

    by Anonymous Coward on Thursday November 13 2014, @05:35AM (#115427)

    Pretty sure this is sarcasm, but just to make this abundantly clear: systemd-resolved is still running and exploitable after boot. Unless, you know, it crashes because it's part of systemd.

  • (Score: 2) by aristarchus on Thursday November 13 2014, @06:02AM

    by aristarchus (2645) on Thursday November 13 2014, @06:02AM (#115434) Journal

    Time, . . . is relative. . . while you are booting. . . . entire worlds have come in to existence, flourished, and perished. Others, . . . have been in existence for eons of your time. The time you are saving is just saving them the wait.

  • (Score: 2) by LoRdTAW on Thursday November 13 2014, @02:41PM

    by LoRdTAW (3755) on Thursday November 13 2014, @02:41PM (#115560) Journal

    I fully realize your post is humorous but it demonstrates peoples ignorance of just what systemd actually is. )See my post above : http://soylentnews.org/comments.pl?sid=4834&cid=115518 [soylentnews.org]

    Systemd is much more than a simple init system and PID1. It is a bad idea, copies bad design (see the wikipedia link in my other post) and adds nothing of value.