2021-04-10 - 22:08:39 (UTC) Login
The Password Safe
The case is documented as CVE-2015-7547 and to my surprise I havn't seen any catchy brand name or logo for this one.
The vulnerability can be exploited if an unpatched server resolved a host name and the attacker can send a malicious payload in the DNS response.
The good news here: The server running Passvault does not have any application that would do any requests to domain names provided from the outside. But I must admit that I considered building an anti-spam mechanism that would detect malicious attempts to brute force mail boxes and as a response gather some information on the originating server before blocking it. I guess I will think again. Note to myself: This mechanism will definitely not run on the servers where the brute force attempts take place.