Major DNS Flaw revealed

The security blogosphere is exploding with chatter today about leaked details of Dan Kaminsky's multi-vendor DNS flaw.

Here is how it works (according to the leak):

Malory wants to poison the server

Malory sends NS requests for, … to

Malory then sends forged answers, saying that the NS for is *AND* puts a glue record saying that is

Because the glue record corresponds with the answer record (same domain), the targeted nameserver will cache or replace its current record of to be
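A defender-side check for the condition described above, as an added example that is not part of the original post or the leak: it reports when a response's glue record, in the same domain as the NS answer, would replace an address the resolver already has cached. The record layout, the function names and every name and address below are constructed assumptions.

```python
# Added example: audit a parsed DNS response for glue that would overwrite
# a cached address. Hostnames use example.com / example.net and addresses use
# documentation ranges; all sample data is constructed.

def in_bailiwick(name, zone):
    """True if name is the zone itself or a subdomain of it."""
    name, zone = name.lower().rstrip("."), zone.lower().rstrip(".")
    return name == zone or name.endswith("." + zone)

def audit_response(qname, response, cache):
    """Return (host, cached_ip, new_ip) for glue that would replace a cached record.

    response: {"authority": [(zone, ns_host)], "additional": [(host, ip)]}
    cache:    {host: ip} of address records the resolver already holds
    """
    findings = []
    glue = {h.lower().rstrip("."): ip for h, ip in response["additional"]}
    for zone, ns_host in response["authority"]:
        ns = ns_host.lower().rstrip(".")
        if not in_bailiwick(qname, zone):
            continue  # NS record is for a zone unrelated to the question
        if ns not in glue or not in_bailiwick(ns, zone):
            continue  # no glue, or glue outside the answer's domain
        old, new = cache.get(ns), glue[ns]
        if old is not None and old != new:
            findings.append((ns, old, new))  # glue would replace the cached record
    return findings

# Constructed resolver cache and three constructed responses.
CACHE = {"ns.example.com": "192.0.2.53", "ns.example.net": "192.0.2.54"}
FORGED = {"authority": [("example.com", "ns.example.com")],
          "additional": [("ns.example.com", "203.0.113.66")]}
BENIGN = {"authority": [("example.com", "ns.example.com")],
          "additional": [("ns.example.com", "192.0.2.53")]}
OUT_OF_ZONE = {"authority": [("example.com", "ns.example.net")],
               "additional": [("ns.example.net", "203.0.113.66")]}

if __name__ == "__main__":
    for label, resp in (("forged", FORGED), ("benign", BENIGN),
                        ("out-of-zone", OUT_OF_ZONE)):
        print(label, audit_response("a1.example.com", resp, CACHE))
```
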

Make sure to read the comments for details of the original leak (Matasano's blog). The drama is that Matasano originally called BS on the flaw, forcing Dan to back it up with a phone briefing. Thomas Ptacek then retracted his BS claims under the agreement that he would keep quiet. Now the same guy who leaked the technical details is attempting to apologize... What a jerk.