mailing list archives
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion)
From: Rob <spamproof () nospammail net>
Date: Tue, 15 Jul 2008 07:28:13 -0700
there can be no actual exploit discussion unless you have dan on the
On Sun, Jul 13, 2008 at 3:50 PM, eugaaa () gmail com <eugaaa () gmail com> wrote:
Can someone clarify what they meant by "non-reversible patch" ?
I think they mean that some patches make obvious what the flaw is and possibly
how to exploit it. These patches fix a known weakness - not using randomized
origin ports and dns query ids (and in some cases improving the horribly
non-random randomizing routines). The patches don't expose much information
about the exploit, thus fueling the righteous indignation of those complaining
about the hype.
If he is wrong, then the only real downside is that large numbers of dns
servers were upgraded to a less sucky version of BIND.
Are these .deb patches automagical?
I'm not interested in discussing the hype or scene-war aspect of this
Has anyone actually verified the impact of this vulnerability? Any code,
Dan is sworn to secrecy until his talk, so we have to wait till then.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Ureleet (Jul 15)
- Re: DNS Cache Dan Kamikaze (Actual Exploit Discussion) Rob (Jul 15)