Comment 39 for bug 406122
Revision history for this message
|
|
#39 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
(In reply to comment #37)
> Maybe I'm misunderstandin
> that as long as the box is secure that no malicious attacker could send a
> packet since they wouldn't have the correct permissions to access the RNDC
> key?
Comment #20 has update for the initial description. Further investigation proved that the broken code is reachable even with update request packet that is not signed (hence attacked does not need to know key configured on the server) and even if bind is not configured for dynamic updates.