<<< Date Index >>>     <<< Thread Index >>>

Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer)



"it's not like this hasn't been reported, and fixed, many times by many others" - so if it's fixed so many times, how come it was still vulnerable, and ISC had to issue their patches?

Because its just a 16-bit field. DNS is broken. Cache poisoning will happen. Those are the facts on the ground. The only argument left
is the degree of brokenness.

-Amit

Tim Newsham
http://www.thenewsh.com/~newsham/