Apple released Security Update 2008-005, which fixes numerous things. Including the infamous Cache Poisoning DNS Vulnerability, and updates PHP to 5.2.6. Run Software Update now to patch.
Hello There! Thank you for visiting my site.
This is the professional blog of Eric Marden, a veteran web developer, entrepreneur, and inspirational speaker.
If you're new here, please subscribe to my
RSS feed. You'll get a blend of tech news, analysis, inspirational essays, and much more.
Subscribe today.
Ars Technica has posted a great overview of the DNS Exploit I’ve been talking about for the last week or so. Use doxpara to test your DNS provider.
You had your chance, but now the previously reported DNS vulnerability has been disclosed publicly, more or less. Dan put up this cryptic post, and the comments basically spell it out. The exploit is known, and it can be performed in less than 10 seconds. More here. Patch now!
“First, take the advisory seriously—we’re not just a bunch of n00b alarmists, if we tell you your DNS house is on fire, and we hand you a fire hose, take it.” Sage advice from Paul Vixie on the recent DNS Cache Poisoning exploit. Many systems remain unpatched, even though this security vunerability is critical and should be addressed immediately.
In a rare show of cooperative effort, multiple vendors released a patch today to their DNS implementations, the underlying technology behind connecting domain names to the IP addresses they live on. DNS Admins are urged to patch the systems in their charge, immediately . Securosis has the full story. Here’s a tool to test to see if you’re at risk to the Cache Poisoning exploit.
Interestingly enough, only one DNS implementation was not affected: DJBDNS.
Latest Comments
RSS