[169766] in North American Network Operators' Group
Re: new DNS forwarder vulnerability
daemon@ATHENA.MIT.EDU (Livingood, Jason)
Fri Mar 14 12:46:30 2014
From: "Livingood, Jason" <Jason_Livingood@cable.comcast.com>
To: "nanog@nanog.org" <nanog@nanog.org>
Date: Fri, 14 Mar 2014 16:45:20 +0000
In-Reply-To: <022DA097-3756-4B62-8EB1-1F4539F46EE4@doubleshotsecurity.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Well, at least all this CPE checks in for security updates every night so
this should be fixable. Oh wait, no, nevermind, they don't. :-(
This is getting to be the vulnerability of the week club for home gateway
devices - quite concerning.
JL
On 3/14/14, 12:05 PM, "Merike Kaeo" <merike@doubleshotsecurity.com> wrote:
>
>On Mar 14, 2014, at 7:06 AM, Stephane Bortzmeyer <bortzmeyer@nic.fr>
>wrote:
>
>> On Fri, Mar 14, 2014 at 01:59:27PM +0000,
>> Nick Hilliard <nick@foobar.org> wrote
>> a message of 10 lines which said:
>>=20
>>> did you characterise what dns servers / embedded kit were
>>> vulnerable?
>>=20
>> He said "We have not been able to nail this vulnerability down to a
>> single box or manufacturer" so it seems the answer is No.
>
>
>
>It is my understanding that many CPEs work off of same reference
>implementation(s). I haven't
>had any cycles for this but with all the CPE issues out there it would be
>interesting to have
>a matrix of which CPEs utilize which reference implementation. That may
>start giving some clues.
>
>Has someone / is someone doing this?
>
>- merike
>
