[Dnsmasq-discuss] Question about DNS vunlerabiltiy in dnsmasq

Jan 'RedBully' Seiffert redbully at cc.fh-luh.de
Tue Jul 22 18:29:55 BST 2008


Simon Kelley wrote:
> A C wrote:
>> I'm running dnsmasq 2.35 but it's on an embedded system and the 
>> package manager hasn't created a new version yet.  I wanted to know 
>> how vulnerable I was to the recent security alert regarding DNS and 
>> whether there's a potential workaround that I could put in place for now.
>>
> 
> "How vulnerable" is a difficult question. AFAIK, the attack hasn't been 
> seen in the wild, and it's assumed that the Bad Guys don't know it, so 
> you're absolutely safe until Dan Kaminsky spills the beans (August?)
> 

*cough*
to late...
http://www.heise-online.co.uk/news/DNS-security-problem-details-released--/111145



> Does that give you enough time to get a new version in place?
> 
> Simon.
> 
Greetings
	Jan

-- 
"Der Kopf ist rund, damit das Denken die Richtung wechseln kann."
	Francis Picabi



More information about the Dnsmasq-discuss mailing list