Home page logo
/

bugtraq logo Bugtraq mailing list archives

ERRATA (Re: "Host header cannot be trusted as an anti anti DNS-pinning measure")
From: Amit Klein <aksecurity () gmail com>
Date: Mon, 25 Dec 2006 20:46:44 +0200

Hi

In the writeup named "Host header cannot be trusted as an anti anti DNS-pinning measure" (submitted September 7th, 2006) I erroneously attributed one of the references to the wrong person. The correct text should read:

[1] "DNS: Spoofing and Pinning", by "timeless", September 12th, 2003 (or earlier)
http://viper.haque.net/~timeless/blog/11/

The original (wrong) text attributed this reference to Mohammad A. Haque, who owns the viper.haque.net website, but (in my current understanding) did not write the referenced text (my understanding now is that http://viper.haque.net/~timeless/ actually belongs to "timeless", a different individual).

This mistake also occurred in a response I wrote to a thread "Re: [WEB SECURITY] Detecting, Analyzing, and Exploiting Intranet Applications using JavaScript" in the WebSecurity mailing list (http://www.webappsec.org/lists/websecurity/archive/2006-07/msg00090.html).

I'm sorry for the confusion.
-Amit



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]