Forgot your password?
typodupeerror

Submission Summary: 0 pending, 6 declined, 0 accepted (6 total, 0.00% accepted)

Security

+ - djb awards $1000 for first djbdns security hole->

Submitted by emad
emad (4377) writes "Last week, a patch and sample exploit were posted to the djbdns mailing list concerning a bug that allowed subdomain administrators to take over parent domains when served from the same tinydns/axfrdns servers. Today, Dan Bernstein acknowledged the security hole, recommended users to install the patch, and awarded $1000 to Matthew Dempsky for publishing the first verifiable security hole in djbdns. In the words of Dan Kaminsky (of recent DNS security fame): "However, Dempsky's bug in djb's tinydns is way more surprising, if only because...holy crap, he pulled an exploitable scenario out of THAT?!""
Link to Original Source

"A great many people think they are thinking when they are merely rearranging their prejudices." -- William James

Working...