<p dir="ltr">I'm not sure this discovery should be dated 2015</p>
<p dir="ltr">  <a href="http://bugs.cacert.org/view.php?id=803">http://bugs.cacert.org/view.php?id=803</a><br>
  <a href="http://security.stackexchange.com/questions/10452/dns-zone-transfer-attack">http://security.stackexchange.com/questions/10452/dns-zone-transfer-attack</a><br>
  <a href="http://www.iodigitalsec.com/dns-zone-transfer-axfr-vulnerability">http://www.iodigitalsec.com/dns-zone-transfer-axfr-vulnerability</a>/<br>
  <a href="http://seclists.org/pen-test/2004/Feb/108">http://seclists.org/pen-test/2004/Feb/108</a><br></p>
<p dir="ltr">Stephane Bortzmeyer wrote:<br>
 >  <a href="https://www.us-cert.gov/ncas/alerts/TA15-103A">https://www.us-cert.gov/ncas/alerts/TA15-103A</a><br>
>  http://haxpo.<br>
> nl/haxpo2015ams/sessions/all-your-hostnames-are-belong-to-us/ <http:<br>
> //<a href="http://haxpo.nl/haxpo2015ams/sessions/all-your-hostnames-are-belong-to-us/&gt">haxpo.nl/haxpo2015ams/sessions/all-your-hostnames-are-belong-to-us/&gt</a>;<br>
>  &nbsp;<br>
</p>