[afnog] Big DNS vulnerability

Stephane Bortzmeyer bortzmeyer at nic.fr
Wed Jul 9 09:05:46 UTC 2008


Executive summary: upgrade your recursive name servers ASAP.

The official announcement:

http://www.kb.cert.org/vuls/id/800113

A good summary:

http://securosis.com/publications/DNS-Executive-Overview.pdf

For BIND users (do note that several vendors who ship BIND already
have the upgraded version, for instance Debian and Gentoo):

http://www.isc.org/index.pl?/sw/bind/forgery-resilience.php

For Microsoft users:

http://www.microsoft.com/technet/security/Bulletin/MS08-037.mspx

For Cisco users:

http://www.cisco.com/warp/public/707/cisco-sa-20080708-dns.shtml






More information about the afnog mailing list