On Wed, Jul 09, 2008 at 04:52:39PM +0200, Mathieu SEGAUD wrote: > Vous m'avez dit ricemment : > > > Good morning, > > > > Today, I'm received alert from one of my friends regarding to > > Vulnerability Note VU#800113 - Multiple DNS implementations vulnerable > > to cache poisoning. > > http://www.kb.cert.org/vuls/id/800113 > > > > I checked the above site, and found that most of the *BSD status are > > unknown. Is this bug affected OpenBSD default bind dns? > > OpenBSD's named is affected. > It is a flow in the DNS protocol, which means potentially *all* > implementations are affected...
Credit where credit is due: djbdns isn't. Without specifics on the issue, I can't tell if OpenBSD's bind is truly vulnerable, but it certainly does use a fixed source port. -- David Terrell [EMAIL PROTECTED] ((meatspace)) http://meat.net/
