<<<
Chronological Index
>>> <<<
Thread Index
>>>
[ga] DNS Tool cache poisining security problem
- To: Ga <ga@xxxxxxxxxxxxxx>
- Subject: [ga] DNS Tool cache poisining security problem
- From: "Jeffrey A. Williams" <jwkckid1@xxxxxxxxxxxxx>
- Date: Wed, 25 Feb 2009 18:14:55 -0800
All
For those of you that may use or have providers that use
djbdns, see the following:
09.9.21 CVE: CVE-2008-4392
Platform: Cross Platform
Title: djbdns dnscache SOA Requests Remote Cache Poisoning
Description: djbdns is a suite of Domain Name System (DNS) tools. The
dnscache (caching/resolver server) component of djbdns is exposed to a
DNS cache poisoning issue that arises because the application fails to
handle SOA (Start of Authority) records in a proper manner. djbdns
version 1.05 is affected.
Ref: http://www.securityfocus.com/bid/33818
Regards,
Spokesman for INEGroup LLA. - (Over 284k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
Abraham Lincoln
"YES WE CAN!" Barack ( Berry ) Obama
"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt
"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng. INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1@xxxxxxxxxxxxx
My Phone: 214-244-4827
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|