Thread

http://www.kb.cert.org/vuls/id/800113
http://securosis.com/2008/07/08/dan-kaminsky-discovers-fundamental-issue-in-dns-massive-multivendor-patch-released/

My sources tell me this is potentially huge.

Hey I.G.
Going back to 9-5 work 😊 This seems like an old beast…Why is it resurrected now?
MS has it tagged as of Published:// November 13, 2007
Do tell 😉

That’s not the same vulnerability. The MS one “Could Allow Spoofing”... Well, big deal. The current one is of another caliber, and affects practically the whole DNS, not just MS’s implementation. They released a multi-vendor patch yesterday, with full disclosure to follow on Aug 6th. If you’ve got anything to do with nameservers, you should patch them asap.

Just spend some time reading through…and Holly crap. EE on pause.
Another handy link http://doxpara.com/.
Thanks for pointing this out!

Not wanting to sound too alarmist, but there is an exploit in the wild now. Phishers are going to have a field day :/(

exploit for the patches released?

No, for the unpatched servers. If your responsible sysadmin applied the vendor-provided patch you should be fine, but the adaption rate is not great. Figures I have seen speak of a 30-40% patch rate so far.

Oh got it, you scared me. Quite honestly these patches are still hard to find even with vendors that released them. I’ve spent enough time with fingers crossed on remote reboots.
Also, for who ever is reading this, you should look for client/workstation OS patches as well.
Thank you.

Just a quick roundup: http://arstechnica.com/news.ars/post/20080726-new-dns-exploit-now-in-the-wild-and-having-a-blast.html