Dan Bernstein Confirms Security Flaw In Djbdns

secmartin writes "Dan Bernstein has just admitted that a security issue has been found in the djbdns software, one of most popular alternatives for the BIND nameserver. As part of the djbdns security guarantee, $1000 will be paid to Matthew Dempsky, the researcher that found the bug. The bug allows a nameserver running djbdns to be poisoned using just a single packet. Other researchers have found a separate issue that allows dnscache, the DNS cache that is also part of the djbdns package, to be poisoned within just 18 minutes when using the default configuration. Anyone using djbdns is strongly encouraged to patch their servers immediately." Reader emad contributes a link to the djbdns mailing list post containing both a patch and a sample exploit, and adds: "In the words of Dan Kaminsky (of recent DNS security fame): 'However, Dempsky's bug in djb's tinydns is way more surprising, if only because ... holy crap, he pulled an exploitable scenario out of THAT?!'"

Re:Hell must have frozen over

[pseudonomous]

I've met him, he was a proffessor at my university when I was an undergrad, he used to help the math club practice for taking the Putnam exam. He's actually a fairly nice guy when you meet him in person.

Re:what about the man's attitude?

[myowntrueself]

Well yeah, I am amazed!

When someone (Fyodor iirc) found an exploit in qmail way back, Dan was in complete denial and was quite disingenuous about the whole thing.