[dns-operations] Subverting BIND's SRTT Algorithm Derandomizing NS Selection
Paul Ferguson
fergdawgster at mykolab.com
Tue May 6 16:22:34 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Can anyone from ISC (bind maintainer) comment on this vulnerability,
especially regarding what versions are affected and if a fix is available?
https://www.usenix.org/conference/woot13/workshop-program/presentation/hay
I am presuming this is the same?
http://thehackernews.com/2014/05/critical-vulnerability-in-bind-software.html
Thanks,
- - ferg
- --
Paul Ferguson
VP Threat Intelligence, IID
PGP Public Key ID: 0x54DC85B2
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iF4EAREIAAYFAlNpDEoACgkQKJasdVTchbJBbQD+J0L7+dRvqw0+rT/etPlUJFf+
tBoMARKlFSC8Jch8TFwA/RRmWwaLFK/JWlaDNBt51+rO1ZhXCkYyv6jIVJMyxGf8
=rZnA
-----END PGP SIGNATURE-----
More information about the dns-operations
mailing list