Kaminsky finds DNS exploit
Harald Hanche-Olsen
hanche at math.ntnu.no
Wed Jul 9 15:39:42 EDT 2008
+ John Kemp <john at jkemp.net>:
> It does seem he would like an air of some mystery to exist though
> until he makes his presentation about the issue at Defcon - did he,
> himself, discover something new? We'll just have to wait, unless we
> go play with the BIND code ourselves.
Unless he is merely blowing smoke, it would seem that he discovered
some little twist that makes the known vulnerability much more easily
exploitable than previously assumed. That would explain his statement:
the patch fixes a well known vulnerability, and as a side effect stops
the more serious attack, in effect making it hard to tell what is
involved in that attack from reading the patch.
- Harald
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list