new DNS forwarder vulnerability

Merike Kaeo merike at doubleshotsecurity.com
Fri Mar 14 16:05:00 UTC 2014


On Mar 14, 2014, at 7:06 AM, Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote:

> On Fri, Mar 14, 2014 at 01:59:27PM +0000,
> Nick Hilliard <nick at foobar.org> wrote 
> a message of 10 lines which said:
> 
>> did you characterise what dns servers / embedded kit were
>> vulnerable?
> 
> He said "We have not been able to nail this vulnerability down to a
> single box or manufacturer" so it seems the answer is No.



It is my understanding  that many CPEs work off of same reference implementation(s).  I haven't
had any cycles for this but with all the CPE issues out there it would be interesting to have
a matrix of which CPEs utilize which reference implementation.  That may start giving some clues.

Has someone / is someone doing this?

- merike

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20140314/7d4169f3/attachment.bin>


More information about the NANOG mailing list