1 post • joined 1 Mar 2009
Second bug not just a forgery issue
"He would notice that forgery issues to *NOT* qualify for the security bounty. FAIL!"
Right, and for this reason, I don't think DJB will award the $1000 to Kevin Day. However, the bug that I pointed out is an actual exploitable bug in how djbdns builds DNS response packets, which I believe is covered by DJB's security guarantee. You can read my BugTraq posting for more details (linked within the article).
- +Comment 'Private Facebook' Ello: There's a reason we're in beta. SPAMGASM!
- NASA rover Curiosity drills HOLE in MARS 'GOLF COURSE'
- WHY did Sunday Mirror stoop to slurping selfies for smut sting?
- Business is back, baby! Hasta la VISTA, Win 8... Oh, yeah, Windows 9
- Third patch brings more admin Shellshock for the battered and Bashed