[Dnsmasq-discuss] Question about DNS vunlerabiltiy in dnsmasq
Simon Kelley
simon at thekelleys.org.uk
Tue Jul 22 18:05:27 BST 2008
A C wrote:
> I'm running dnsmasq 2.35 but it's on an embedded system and the package
> manager hasn't created a new version yet. I wanted to know how
> vulnerable I was to the recent security alert regarding DNS and whether
> there's a potential workaround that I could put in place for now.
>
"How vulnerable" is a difficult question. AFAIK, the attack hasn't been
seen in the wild, and it's assumed that the Bad Guys don't know it, so
you're absolutely safe until Dan Kaminsky spills the beans (August?)
Does that give you enough time to get a new version in place?
Simon.
More information about the Dnsmasq-discuss
mailing list