[dns-operations] "Cybercrooks exploiting new Windows DNS flaw"

Jeroen Massar jeroen at unfix.org
Mon Apr 16 19:42:29 UTC 2007

Edward Lewis wrote:
> At 20:25 +0000 4/13/07, Paul Vixie wrote:
>> but has anybody seen any packets that tried to exploit this hole,
>> as the original news article claims?
> So, Paul, has anyone answered this positively?  (Hoping to hear about 
> DNS "operations" on this list.)

See here for the sploit that can do it which I send previously to the
list: http://lists.oarci.net/pipermail/dns-operations/2007-April/001519.html

As it is available in the Metasploit Framework it is almost semi
automatically introduced in the nice bots around you.

Maybe packets are not flying frequently now, but do expect them sooner
or later as with the above code any kid can do-it-themselves...


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 311 bytes
Desc: OpenPGP digital signature
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20070416/c0b974ee/attachment.sig>

More information about the dns-operations mailing list