Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×
Security

Submission + - djb awards $1000 for first djbdns security hole (marc.info)

emad writes: Last week, a patch and sample exploit were posted to the djbdns mailing list concerning a bug that allowed subdomain administrators to take over parent domains when served from the same tinydns/axfrdns servers. Today, Dan Bernstein acknowledged the security hole, recommended users to install the patch, and awarded $1000 to Matthew Dempsky for publishing the first verifiable security hole in djbdns. In the words of Dan Kaminsky (of recent DNS security fame): "However, Dempsky's bug in djb's tinydns is way more surprising, if only because...holy crap, he pulled an exploitable scenario out of THAT?!"

Slashdot Top Deals

In space, no one can hear you fart.

Working...