[dns-operations] CERT VU#800113 Multiple DNS implementations vulnerable to cache poisoning
bert.hubert at netherlabs.nl
Wed Jul 9 12:26:39 UTC 2008
On Wed, Jul 09, 2008 at 10:42:17AM +0000, Lutz Donnerhacke wrote:
> * Duane Wessels wrote:
> > http://www.kb.cert.org/vuls/id/800113
> > Recent additional research into [DNS defects and deficiencies]
> > and methods of combining them to conduct improved cache poisoning
> > attacks have yielded extremely effective exploitation techniques.
> That is very weak claim. Poisoning is not a new problem. What is really new?
I'd worry, if I were you. "Trust the story". Once the story breaks, you'll
be able to test this for yourself.
http://www.PowerDNS.com Open source, database driven DNS Software
http://netherlabs.nl Open and Closed source services
More information about the dns-operations