Forgot your password?
typodupeerror
Security

+ - djb awards $1000 for first djbdns security hole->

Submitted by emad
emad (4377) writes "Last week, a patch and sample exploit were posted to the djbdns mailing list concerning a bug that allowed subdomain administrators to take over parent domains when served from the same tinydns/axfrdns servers. Today, Dan Bernstein acknowledged the security hole, recommended users to install the patch, and awarded $1000 to Matthew Dempsky for publishing the first verifiable security hole in djbdns. In the words of Dan Kaminsky (of recent DNS security fame): "However, Dempsky's bug in djb's tinydns is way more surprising, if only because...holy crap, he pulled an exploitable scenario out of THAT?!""
Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

djb awards $1000 for first djbdns security hole

Comments Filter:

The economy depends about as much on economists as the weather does on weather forecasters. -- Jean-Paul Kauffmann

Working...