[dns-operations] CERT VU#800113 Multiple DNS implementations vulnerable to cache poisoning

bert hubert bert.hubert at netherlabs.nl
Wed Jul 9 12:26:39 UTC 2008

On Wed, Jul 09, 2008 at 10:42:17AM +0000, Lutz Donnerhacke wrote:
> * Duane Wessels wrote:
> > http://www.kb.cert.org/vuls/id/800113
> >     Recent additional research into [DNS defects and deficiencies]
> >     and methods of combining them to conduct improved cache poisoning
> >     attacks have yielded extremely effective exploitation techniques.
> That is very weak claim. Poisoning is not a new problem. What is really new?

I'd worry, if I were you. "Trust the story". Once the story breaks, you'll
be able to test this for yourself.


http://www.PowerDNS.com      Open source, database driven DNS Software 
http://netherlabs.nl              Open and Closed source services

More information about the dns-operations mailing list