nanog mailing list archives

Re: 2nd Exploit for DNS Cache Poisoning - RELEASED

From: "Tuc at T-B-O-H.NET" <ml () t-b-o-h net>
Date: Thu, 24 Jul 2008 15:46:24 -0400 (EDT)

- -- "Tuc at T-B-O-H.NET" <ml () t-b-o-h net> wrote:

Not sure if anyone has seen yet, but there is a 2nd
exploit being circulated. I just picked it up on metasploits
SVN trunk....


I haven't seen that one yet, but I just ran across this:

http://www.milw0rm.com/exploits/6123

- - ferg

        Sorry, block from the new one :

===============/========================================================
Exploit ID:     CAU-EX-2008-0003
Release Date:   2008.07.23
Title:          bailiwicked_domain.rb
Description:    Kaminsky DNS Cache Poisoning Flaw Exploit for Domains
Tested:         BIND 9.4.1-9.4.2
Attributes:     Remote, Poison, Resolver, Metasploit
Exploit URL:    http://www.caughq.org/exploits/CAU-EX-2008-0003.txt
Author/Email:   I)ruid <druid (@) caughq.org>
                H D Moore <hdm (@) metasploit.com>
===============/========================================================

                        Tuc/TBOH

Current thread:

2nd Exploit for DNS Cache Poisoning - RELEASED Tuc at T-B-O-H.NET (Jul 24)
- Question: 2nd Exploit for DNS Cache Poisoning - RELEASED Jack Bates (Jul 24)
- <Possible follow-ups>
- Re: 2nd Exploit for DNS Cache Poisoning - RELEASED Paul Ferguson (Jul 24)
  - Re: 2nd Exploit for DNS Cache Poisoning - RELEASED Tuc at T-B-O-H.NET (Jul 24)