Debian-news is about one simple thing - news about Debian GNU/Linux and the top free distributions based on Debian GNU/Linux.


Major fix to DNS vulnerability impacts Windows, Debian

A very serious flaw in the Internet's DNS servers may have been ripe for a significant exploit, though a familiar security researcher might have sounded the alarm just in time. Now, Microsoft and Linux vendors are responding urgently.

Read it here


The real vulnerability is not in Windows or Linux but in BIND, the most widely deployed DNS software everywhere. A security feature in BIND creates a transaction ID for communications between an IP host and a DNS server. Supposedly, that transaction ID is supposed to be randomized using a 15-bit binary number. But the way it's typically deployed, each limitation or option added to the system reduces the number of bits in that random number by one each time, and reduces the number of guesses a malicious script requires to guess the transaction ID by a power of two.

No Response to “Major fix to DNS vulnerability impacts Windows, Debian” »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Debian-News is not related to the Debian Project.
All logos and trademarks on this site are property of their respective owners.