Re: Vulnerability Note VU#800113 - Multiple DNS implementations vulnerable to cache poisoning

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Mathieu SEGAUD <mathieu.segaud@...>

To: David Terrell <dbt@...>

Cc: <misc@...>

Subject: Re: Vulnerability Note VU#800113 - Multiple DNS implementations vulnerable to cache poisoning

Date: Wednesday, July 9, 2008 - 12:14 pm

Vous m'avez dit ricemment :
> On Wed, Jul 09, 2008 at 04:52:39PM +0200, Mathieu SEGAUD wrote:

quoted text>> Vous m'avez dit ricemment :

>>

>> > Good morning,

>> >

>> > Today, I'm received alert from one of my friends regarding to

>> > Vulnerability Note VU#800113 - Multiple DNS implementations vulnerable

>> > to cache poisoning.

>> > http://www.kb.cert.org/vuls/id/800113

>> >

>> > I checked the above site, and found that most of the *BSD status are

>> > unknown. Is this bug affected OpenBSD default bind dns?

>>

>> OpenBSD's named is affected.

>> It is a flow in the DNS protocol, which means potentially *all*

>> implementations are affected...

>

> Credit where credit is due: djbdns isn't.
good to know. thanks. thus "potentially"
> Without specifics on the issue, I can't tell if OpenBSD's bind is truly

quoted text> vulnerable, but it certainly does use a fixed source port.
Stuart Henderson already answered this question on misc@ (12:10 UTC,

today). Named is vulnerable. The resolver is not :)
--

Mathieu

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Vulnerability Note VU#800113 - Multiple DNS implementations ..., Zamri Besar, (Wed Jul 9, 10:45 am)

Re: Vulnerability Note VU#800113 - Multiple DNS implementati..., Pete Vickers, (Thu Jul 10, 4:15 am)

Re: Vulnerability Note VU#800113 - Multiple DNS implementati..., Peter N. M. Hansteen, (Thu Jul 10, 4:24 am)

Re: Vulnerability Note VU#800113 - Multiple DNS implementati..., Andreas Maus, (Wed Jul 9, 11:20 am)

Re: Vulnerability Note VU#800113 - Multiple DNS implementati..., Mathieu SEGAUD, (Wed Jul 9, 10:52 am)

Re: Vulnerability Note VU#800113 - Multiple DNS implementati..., David Terrell, (Wed Jul 9, 11:29 am)

Re: Vulnerability Note VU#800113 - Multiple DNS implementati..., Mathieu SEGAUD, (Wed Jul 9, 12:14 pm)

Re: Vulnerability Note VU#800113 - Multiple DNS implementati..., Zamri Besar, (Wed Jul 9, 1:02 pm)


linux-kernel:
Jan Engelhardt	intel iommu (Re: -mm merge plans for 2.6.23)

Tarkan Erimer	Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3
Rafael J. Wysocki	Re: Linux 2.6.27-rc5: System boot regression caused by commit a2bd7274b47124d2fc4d...
git:

linux-netdev:

Gerrit Renker	[PATCH 0/37] dccp: Feature negotiation - last call for comments
David Miller	[GIT]: Networking
Jarek Poplawski	[PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
openbsd-misc:

Re: Vulnerability Note VU#800113 - Multiple DNS implementations vulnerable to cache poisoning

Online users