Subject: Re: DNS Cache Poisoning vulnerability (CVE-2008-1447, VU#800113)

Re: DNS Cache Poisoning vulnerability (CVE-2008-1447, VU#800113)

From: Josh Carroll <josh.carroll_at_gmail.com>
Date: Mon, 14 Jul 2008 11:33:27 -0400

> Can any security experts who are aware of this issue shed some light on this?

My understanding was that this particular CERT was due to a
predictable source port. So the TXID being random is good, but the
source port being non-random (or pseudo-random) is the problem.

More details are in the CERT/CVE itself.

Josh
Received on 2008-07-14

This message: [ Message body ]
Next message: Steve Cotton: "c-ares: Adding new lookup types to config_lookup"
Previous message: Ravi S: "Re: DNS Cache Poisoning vulnerability (CVE-2008-1447, VU#800113)"
In reply to: Ravi S: "Re: DNS Cache Poisoning vulnerability (CVE-2008-1447, VU#800113)"
Next in thread: Daniel Stenberg: "Re: DNS Cache Poisoning vulnerability (CVE-2008-1447, VU#800113)"
Reply: Daniel Stenberg: "Re: DNS Cache Poisoning vulnerability (CVE-2008-1447, VU#800113)"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]