mailing list archives
Re: CVE Request New-djbdns: dnscache: potential cache poisoning
From: Michael Samuel <mik () miknet net>
Date: Wed, 12 Feb 2014 11:23:54 +1100
On 12 February 2014 01:51, P J P <ppandit () redhat com> wrote:
This looks like the same issue - predictable hash collision.
The same issue, different result.
CVE-2013-6401 is a DoS vulnerability, which would result in excess
CPU usage per hash lookup.
The described issue would result in expiring attacker-specified (but
not more) cache entries at approximately the same CPU cost. So
this is something else.
Re: CVE Request New-djbdns: dnscache: potential cache poisoning cve-assign (Feb 19)