Bugtraq mailing list archives
Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer)
From: Tim Newsham <newsham () lava net>
Date: Fri, 27 Jul 2007 08:54:33 -1000 (HST)
"it's not like this hasn't been reported, and fixed, many times by many others" - so if it's fixed so many times, how come it was still vulnerable, and ISC had to issue their patches?
Because its just a 16-bit field. DNS is broken. Cache poisoning will happen. Those are the facts on the ground. The only argument left
is the degree of brokenness.
-Amit
Tim Newsham http://www.thenewsh.com/~newsham/
Current thread:
- "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) Amit Klein (Jul 24)
- <Possible follow-ups>
- Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) securityfocus (Jul 24)
- Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) Amit Klein (Jul 24)
- Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) Jamie Riden (Jul 26)
- Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) Theo de Raadt (Jul 27)
- Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) Gadi Evron (Jul 27)
- Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) Tim (Jul 27)
- Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) Amit Klein (Jul 27)
- Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) Tim Newsham (Jul 27)
- Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer) Amit Klein (Jul 27)