Via Matasano Chargen (Google Cached)-
The cat is out of the bag. Yes, Halvar Flake figured out the flaw Dan Kaminsky will announce at Black Hat.
[...]
Then there’s that other set of DNS vulnerabilities. These require you to pay attention in class. They haven’t really been talked about since 1997. And they’re hard to find, because you have to understand how DNS works. In other words, you have to be completely crazy. Lazlo Hollyfeld crazy. I’m speaking of course of RRset poisoning.
--------------------
Check the Google cached version for all the details...
Everyone patch and lets move on. The internet is still here..at least for now.
Word around the campfire is that exploits are being created....as we speak. Look for them soon...
Moral of the Story - Get'em patched.
The problem is that in some areas, updating will never happen, making these areas ripe for exploitation. :)
ReplyDeleteThis is very true, but those areas are most likely already ripe for exploitation.
ReplyDeleteAreas like "that" don't just miss a single very important DNS patch..they miss almost every very important patch.