Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer)

From: Tim Newsham <newsham@lava.net>
To: Amit Klein <aksecurity@gmail.com>
Cc: Gadi Evron <ge@linuxbox.org>,Jamie Riden <jamie.riden@gmail.com>,bugtraq@securityfocus.com
Subject: Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer)
Date:


> "it's not like this hasn't been reported, and fixed, many times by many 
> others" - so if it's fixed so many times, how come it was still vulnerable, 
> and ISC had to issue their patches?

Because its just a 16-bit field.  DNS is broken.  Cache poisoning will 
happen.  Those are the facts on the ground.  The only argument left
is the degree of brokenness.

> -Amit

Tim Newsham
http://www.thenewsh.com/~newsham/





Copyright © 1995-2020 LinuxRocket.net. All rights reserved.