Super Patch Tuesday: DNS Vulnerability Announced

[ViRGE]

I'm surprised no one has already posted this: CVE-2008-1447. A major vulnerability in the design of DNS has been discovered, which if exploited can lead to a successful DNS cache poisoning attack. This has resulted in a Patch Tuesday of epic proportions as some 81 companies have simultaneously released updates to patch out the issue. Affected software includes Windows, glibc, BIND, Cisco routers, and more.

Grab a pot (or two) of coffee and start patching, there's a lot of stuff that needs taken care of.:Q

 

[CalvinHobbes]

The report said routers were also affected but I only see a mention of Cisco routers. Does this mean home routers (Linksys, DLink, etc) are not going to be affected?

 

[imported_BadBlock]

Most home routers don't do dns caching so they should be unaffected.

 

[blackangst1]

This only really affects core backbone DNS routers. And IMHO its one the top security fixes int he last decade. DNS poisoning is no joke.