Re: PLEASE READ: An Important Security Announcement from ISC
Searching the title of the vulnerability with google results one PDF document. http://www.google.co.jp/#q=Ghost+Domain+Names:+Revoked+Yet+Still+Resolvable+PDF It shows details. -- Kazunori Fujiwara From: Michael McNally mcna...@isc.org PLEASE READ: An important security announcement from ISC ISC has been notified by Haixin Duan (a professor at Tsinghua University in Beijing China, who is currently visiting the International Computer Science Institute (ICSI) at the University of California, Berkeley) about a DNS resolver vulnerability that potentially allows a party to keep a domain name in the cache even after that domain name has been expired ISC is evaluating the risk of this vulnerability, but his published paper shows how this was demonstrated, live across the Internet. It lists several DNS implementations and open resolver deployments as vulnerable. All BIND 9 versions are currently considered vulnerable. A more detailed description of this vulnerability and ISC's planned response can be found at: https://www.isc.org/software/bind/advisories/cve-2012-1033 ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: PLEASE READ: An Important Security Announcement from ISC
Chris Thompson c...@cam.ac.uk wrote: More directly, http://www.cs.indiana.edu/classes/b649-gupt/kangLiNDSS12.pdf This is definitely worth reading, being an interesting new twist on a fairly old theme. Paul Vixie was trying to do something about risks in this area a couple of years ago: http://tools.ietf.org/html/draft-vixie-dnsext-resimprove-00 Tony. -- f.anthony.n.finch d...@dotat.at http://dotat.at/ Northwest FitzRoy: Southerly 4 or 5. Moderate or rough. Occasional rain or drizzle. Good, occasionally poor. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
PLEASE READ: An Important Security Announcement from ISC
PLEASE READ: An important security announcement from ISC ISC has been notified by Haixin Duan (a professor at Tsinghua University in Beijing China, who is currently visiting the International Computer Science Institute (ICSI) at the University of California, Berkeley) about a DNS resolver vulnerability that potentially allows a party to keep a domain name in the cache even after that domain name has been expired ISC is evaluating the risk of this vulnerability, but his published paper shows how this was demonstrated, live across the Internet. It lists several DNS implementations and open resolver deployments as vulnerable. All BIND 9 versions are currently considered vulnerable. A more detailed description of this vulnerability and ISC's planned response can be found at: https://www.isc.org/software/bind/advisories/cve-2012-1033 ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users