SuSE: bind (SUSE-SA:2008:033)

Login or Register to Ask a Question and Join Our Community

SuSE: bind (SUSE-SA:2008:033)

Tags

bind, security, suse

Login to Discuss or Reply to this Discussion in Our Community

Special Forums Cybersecurity Security Advisories (RSS) SuSE: bind (SUSE-SA:2008:033)

07-11-2008

Registered User

26,240, 27

Join Date: Sep 2000

Last Activity: 1 August 2008, 3:09 PM EDT

Posts: 26,240

Thanks Given: 0

Thanked 27 Times in 26 Posts

SuSE: bind (SUSE-SA:2008:033)

LinuxSecurity.com: The new version of bind uses a random transaction-ID (TRXID) and a random UDP source-port for DNS queries to address DNS cache poisoning attacks possible because of the "birthday paradox" and an attack discovered by Dan Kaminsky. Unfortunately we do not have details about Kaminsky's attack and have to trust the statement that a random UDP source-port is sufficient to stop it.

More...

Linux Bot

View Public Profile for Linux Bot

Find all posts by Linux Bot

Login or Register to Ask a Question

Previous Thread | Next Thread

Login or Register to Ask a Question