Closed
Bug 1286352
Opened 8 years ago
Closed 8 years ago
DNS Misconfiguration
Categories
(Websites :: Other, defect)
Websites
Other
Tracking
(Not tracked)
RESOLVED
INVALID
People
(Reporter: mohamed.chamli, Unassigned)
References
()
Details
(Whiteboard: [reporter-external] [web-bounty-form] [verif?])
akamai.mozilla.org has address 127.0.0.2 and this may lead to "Same- Site" Scripting. Here is detailed description of this minor security issue (by Tavis Ormandy): http://www.securityfocus.com/archive/1/486606/30/0/threaded
Flags: sec-bounty?
Comment 1•8 years ago
|
||
I think this is an issue with your local resolver, as this domain is not publicized. $ dig akamai.mozilla.org @8.8.8.8 ; <<>> DiG 9.10.3-P4-Ubuntu <<>> akamai.mozilla.org @8.8.8.8 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 64109 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;akamai.mozilla.org. IN A ;; Query time: 44 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Tue Jul 12 16:09:13 EDT 2016 ;; MSG SIZE rcvd: 47
Status: UNCONFIRMED → RESOLVED
Closed: 8 years ago
Resolution: --- → INVALID
Updated•8 years ago
|
Flags: sec-bounty? → sec-bounty-
Updated•8 years ago
|
Group: websites-security
You need to log in
before you can comment on or make changes to this bug.
Description
•