Date: Thu, 13 Nov 2014 21:02:40 +0000 From: Jeremy Stanley <fungi@...goth.org> To: oss-security@...ts.openwall.com Subject: Re: Re: CVE-request: systemd-resolved DNS cache poisoning On 2014-11-13 08:03:36 -1000 (-1000), Daniel Kahn Gillmor wrote: [...] > the problem with systemd-resolved as i understand it not that it's > accepting packets from DNS servers it didn't request from, but > that it's caching unrelated responses in those records. [...] This sounds at least superficially similar to BIND CVE-2009-4022. -- Jeremy Stanley
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ