new DNS forwarder vulnerability

Livingood, Jason Jason_Livingood at
Fri Mar 14 16:45:20 UTC 2014

Well, at least all this CPE checks in for security updates every night so
this should be fixable. Oh wait, no, nevermind, they don't. :-(

This is getting to be the vulnerability of the week club for home gateway
devices - quite concerning.


On 3/14/14, 12:05 PM, "Merike Kaeo" <merike at> wrote:

>On Mar 14, 2014, at 7:06 AM, Stephane Bortzmeyer <bortzmeyer at>
>> On Fri, Mar 14, 2014 at 01:59:27PM +0000,
>> Nick Hilliard <nick at> wrote
>> a message of 10 lines which said:
>>> did you characterise what dns servers / embedded kit were
>>> vulnerable?
>> He said "We have not been able to nail this vulnerability down to a
>> single box or manufacturer" so it seems the answer is No.
>It is my understanding  that many CPEs work off of same reference
>implementation(s).  I haven't
>had any cycles for this but with all the CPE issues out there it would be
>interesting to have
>a matrix of which CPEs utilize which reference implementation.  That may
>start giving some clues.
>Has someone / is someone doing this?
>- merike

More information about the NANOG mailing list