DNS Exploit vulnerability found

13 posts / 0 new
Last post
#1 Tue, 07/08/2008 - 13:02
velvetpixel

DNS Exploit vulnerability found

A new DNS vulnerability has been found!

Story

[url=http://it.slashdot.org/article.pl?sid=08/07/08/195225&from=rss]Second Story[/url]

Tue, 07/08/2008 - 17:05
ronald
ronald's picture

hm, i wonder how long it will take for Centos to release that patch. I hope this year......

Tue, 07/08/2008 - 17:29 (Reply to #2)
sgrayban

Debian already has released the security update for bind.

Wed, 07/09/2008 - 01:36 (Reply to #3)
ronald
ronald's picture

thx for the heads up. just updated.

Thu, 07/17/2008 - 00:02 (Reply to #4)
David.Strejc

Jus little advice.

Use FreeBSD.

;o)))

Fri, 07/18/2008 - 17:12 (Reply to #5)
Joe
Joe's picture

<div class='quote'>Use FreeBSD.</div>

Because FreeBSD doesn't run BIND! Oh, wait...it does run BIND. What were you saying, again? ;-)

--

Check out the forum guidelines!

Sat, 07/19/2008 - 14:18 (Reply to #6)
sgrayban

What does FreeBSD have to do with BIND ?

If there is a security issue with a program it does care what distro it is because all will have the same security weakness that's why we UPDATE !

Sat, 07/19/2008 - 14:18 (Reply to #7)
sgrayban

opps *doesn't* care

Sat, 07/26/2008 - 22:48 (Reply to #8)
velvetpixel

Apparently this exploit is in the wild now.

Sun, 07/27/2008 - 00:45 (Reply to #9)
sgrayban

who cares - everyone should be updated by now and if they aren't they need to start paying attention to there distro's updates.

Sun, 07/27/2008 - 01:32 (Reply to #10)
sgrayban

If you are scared that your DNS is crap look at http://www.doxpara.com/ -- BTW the Apple idiots FAILED to update there DNS servers LOL

Sun, 07/27/2008 - 11:28 (Reply to #11)
Joe
Joe's picture

Yep, everybody needs to update BIND immediately, if you haven't already. It primarily effects recursive name servers, as it is a cache poisoning exploit--I don't believe it effects authoritative service at all, which is what most folks use BIND for in a Virtualmin system--but have trustworthy name service at all points in the chain is absolutely vital for security.

Imagine downloading a piece of software...asking for PHP.net, and instead getting badguys.net instead, which happens to have a complete mirror of the PHP.net website, and an exploited copy of PHP for you to download. Just an example, of course, and I expect most Virtualmin users are using RPM or deb packages, which are signed in modern systems--so you can know if you're getting a package from a trustworthy source or not, even if the download is compromised somehow.

--

Check out the forum guidelines!

Tue, 07/08/2008 - 22:36
gregv

Centos as a bind update available. I just installed it via yum.

Topic locked