[nsp-sec] DNS vulnerability CVE-2008-1447/VU#800113
Danny McPherson
danny at tcb.net
Tue Jul 8 15:29:10 EDT 2008
On Jul 8, 2008, at 12:23 PM, Florian Weimer wrote:
> ----------- nsp-security Confidential --------
>
> * Steven Spence:
>
>>> I don't know how much detail will be available before that from the
>>> vendors, so please use published material as a reference, and not
>>> this
>>> mailing list posting.
>>
>> ISC gives a pretty good break down of it.
>>
>> http://www.isc.org/sw/bind/bind-security.php
>
> Thanks, I wasn't aware that it was public.
>
> I agree with their assessment that DNSSEC is the correct fix for this
> vulnerability (like it or not).
Although application of anti-spoofing filters goes a long
way towards helping mitigate this and other such threats.
-danny
More information about the nsp-security
mailing list