nanog mailing list archives

Re: new DNS forwarder vulnerability

From: "Livingood, Jason" <Jason_Livingood () cable comcast com>
Date: Fri, 14 Mar 2014 16:45:20 +0000

Well, at least all this CPE checks in for security updates every night so
this should be fixable. Oh wait, no, nevermind, they don't. :-(


This is getting to be the vulnerability of the week club for home gateway
devices - quite concerning.

JL

On 3/14/14, 12:05 PM, "Merike Kaeo" <merike () doubleshotsecurity com> wrote:


On Mar 14, 2014, at 7:06 AM, Stephane Bortzmeyer <bortzmeyer () nic fr>
wrote:

On Fri, Mar 14, 2014 at 01:59:27PM +0000,
Nick Hilliard <nick () foobar org> wrote
a message of 10 lines which said:

did you characterise what dns servers / embedded kit were
vulnerable?


He said "We have not been able to nail this vulnerability down to a
single box or manufacturer" so it seems the answer is No.




It is my understanding  that many CPEs work off of same reference
implementation(s).  I haven't
had any cycles for this but with all the CPE issues out there it would be
interesting to have
a matrix of which CPEs utilize which reference implementation.  That may
start giving some clues.

Has someone / is someone doing this?

- merike

Current thread:

new DNS forwarder vulnerability Mark Allman (Mar 14)
- Re: new DNS forwarder vulnerability Nick Hilliard (Mar 14)
  - Re: new DNS forwarder vulnerability Stephane Bortzmeyer (Mar 14)
    - Re: new DNS forwarder vulnerability Merike Kaeo (Mar 14)
    - Re: new DNS forwarder vulnerability Nick Hilliard (Mar 14)
    - Re: new DNS forwarder vulnerability Livingood, Jason (Mar 14)
    - Re: new DNS forwarder vulnerability Gary Baribault (Mar 15)
    - Re: new DNS forwarder vulnerability Joe Greco (Mar 15)
    - Re: new DNS forwarder vulnerability Laszlo Hanyecz (Mar 15)
    - Re: new DNS forwarder vulnerability Paul Ferguson (Mar 15)
    - Re: new DNS forwarder vulnerability Wayne E Bouchard (Mar 14)
    - Re: new DNS forwarder vulnerability Jimmy Hess (Mar 15)