Vulnerability ?

Lewis Baughman lewis at freesco.info
Thu Jul 10 04:12:44 WST 2008


I recently read the vulnerability alert posted and I am wondering if 
this includes dnsmasq with this cache poisoning or if this is just a 
hoax of some kind.

http://www.kb.cert.org/vuls/id/800113
http://www.debian.org/security/2008/dsa-1603
http://securosis.com/2008/07/08/dan-kaminsky-discovers-fundamental-issue-in-dns-massive-multivendor-patch-released/

Quote:
Caching DNS resolvers are primarily at risk--both those that are open (a 
DNS resolver is open if it provides recursive name resolution for 
clients outside of its administrative domain), and those that are not. 
These caching resolvers are the most common target for attackers; 
*however, stub resolvers are also at risk.*


Regards,
Lewis




More information about the Dropbear mailing list