"Dan Bernstein has just admitted that a security issue has been found in the djbdns software,
one of most popular alternatives for the BIND nameserver. As part of
the djbdns security guarantee, $1000 will be paid to Matthew Dempsky,
the researcher that found the bug. The bug allows a nameserver running
djbdns to be poisoned using just a single packet. Other researchers have found a separate issue
that allows dnscache, the DNS cache that is also part of the djbdns
package, to be poisoned within just 18 minutes when using the default
configuration. Anyone using djbdns is strongly encouraged to patch
their servers"
Read more: http://it.slashdot.org/article.pl?sid=09/03/05/2014249
