[nsp-sec] DNS vulnerability CVE-2008-1447/VU#800113
Florian Weimer
fweimer at bfk.de
Tue Jul 8 14:23:58 EDT 2008
* Steven Spence:
>> I don't know how much detail will be available before that from the
>> vendors, so please use published material as a reference, and not this
>> mailing list posting.
>
> ISC gives a pretty good break down of it.
>
> http://www.isc.org/sw/bind/bind-security.php
Thanks, I wasn't aware that it was public.
I agree with their assessment that DNSSEC is the correct fix for this
vulnerability (like it or not).
--
Florian Weimer <fweimer at bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
More information about the nsp-security
mailing list