[nsp-sec] DNS vulnerability CVE-2008-1447/VU#800113
Sean Donelan
sean at donelan.com
Tue Jul 8 21:23:10 EDT 2008
On Tue, 8 Jul 2008, Florian Weimer wrote:
> If you've got any questions regarding this vulnerability, feel free to
> ask. I'm under a socially enforced NDA not to disclose the root cause
> at this stage (you may look at my posting in February to nsp-sec-d for
> a clue; it was written before I knew about Dan's discovery), but apart
> from that, I'm glad to help. This is a critical vulnerability, and
> you should really make sure that you fix your resolvers.
Other than some software vendors/programmers announcing a fix for an
old problem, has anything actually changed in the world today?
Just trying to figure out if this is really a "red alert" or business
as usual, upgrade your stuff regularly because programmers are human.
More information about the nsp-security
mailing list