Home page logo

nanog logo nanog mailing list archives

Re: new DNS forwarder vulnerability
From: Merike Kaeo <merike () doubleshotsecurity com>
Date: Fri, 14 Mar 2014 09:05:00 -0700

On Mar 14, 2014, at 7:06 AM, Stephane Bortzmeyer <bortzmeyer () nic fr> wrote:

On Fri, Mar 14, 2014 at 01:59:27PM +0000,
Nick Hilliard <nick () foobar org> wrote 
a message of 10 lines which said:

did you characterise what dns servers / embedded kit were

He said "We have not been able to nail this vulnerability down to a
single box or manufacturer" so it seems the answer is No.

It is my understanding  that many CPEs work off of same reference implementation(s).  I haven't
had any cycles for this but with all the CPE issues out there it would be interesting to have
a matrix of which CPEs utilize which reference implementation.  That may start giving some clues.

Has someone / is someone doing this?

- merike

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]