[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [WEB SECURITY] Major DNS Vulnerabilities
- From: "Michael S. Menefee" <mmenefee@xxxxxxxxxxxxxxx>
- Subject: RE: [WEB SECURITY] Major DNS Vulnerabilities
- Date: Wed, 9 Jul 2008 00:19:34 -0400
Robert,
Kindly disregard my last post. Apparently the idea is for Kaminsky to
announce more about the details at black hat in august. Although I can
understand the approach, its frustrating as a security professional to
simply accept that "you need to patch this" or even worse: "customer you
need to patch this" without more details...blackhat's next month and
this story is news today...not sure I *agree* with the approach,
although I can *understand* it, but why wait for the hype of blackhat to
make the details known? I for one need more plausable justification to
recommend most things--this included.
Anyways, thanks again for the headsup, although this story quickly
exploded damn near everywhere all at once :)
--
Michael S. Menefee, CISSP (#43728)
Principal Consultant
Secure Solve, Inc.
Phone: (919) 439-3598
Fax: (919) 287-2570
mmenefee@xxxxxxxxxxxxxxx
www.securesolve.com
-----Original Message-----
From: robert@xxxxxxxxxxxxx [mailto:robert@xxxxxxxxxxxxx]
Sent: Tuesday, July 08, 2008 4:37 PM
To: websecurity@xxxxxxxxxxxxx
Subject: [WEB SECURITY] Major DNS Vulnerabilities
Looks as though its time to patch again. This time against 81 different
products
http://it.slashdot.org/article.pl?sid=08/07/08/195225
http://securosis.com/publications/CERT%20Advisory.doc
http://securosis.com/publications/DNS-Executive-Overview.pdf
Regards,
- Robert
http://www.webappsec.org/
------------------------------------------------------------------------
----
Join us on IRC: irc.freenode.net #webappsec
Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/
Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA
----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec
Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/archive/
Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA
Brought to you by http://www.webappsec.org
Search this site
|