1 post • joined 1 Mar 2009
Second bug not just a forgery issue
"He would notice that forgery issues to *NOT* qualify for the security bounty. FAIL!"
Right, and for this reason, I don't think DJB will award the $1000 to Kevin Day. However, the bug that I pointed out is an actual exploitable bug in how djbdns builds DNS response packets, which I believe is covered by DJB's security guarantee. You can read my BugTraq posting for more details (linked within the article).
- Apple: We'll unleash OS X Yosemite beta on the MASSES on 24 July
- Pics It's Google HQ - the British one: Reg man snaps covert shots INSIDE London offices
- White? Male? You work in tech? Let us guess ... Twitter? We KNEW it!
- The END of the FONDLESLAB KINGS? Apple and Samsung have reason to FEAR
- Researcher sat on critical IE bugs for THREE YEARS