• Dear Pleskians! The Plesk Forum will be undergoing scheduled maintenance on Monday, 7th of July, at 9:00 AM UTC. The expected maintenance window is 2 hours.
    Thank you in advance for your patience and understanding on the matter.

DNS fix?

What's the ETA on that?

The discoverer will be publishing the vulnerability August 2nd. We have to be able to test the Plesk patch and fix the issues that are inevitably going to be caused by the Plesk update before the DNS poisoning from these is in the wild - which is going to be around August 3rd (if not sooner).
 
Greetings:

See http://www.theregister.co.uk/2008/07/09/dns_bug_student_discovery/

This vulnerability was reported approximately three years ago.

If your servers are secured, and your DNS servers secured (which means you only transfer between your own name severs, and only recursive queries through your own servers), then the DNS poisoning to worry about is not your own cluster, those servers external to yours.

That's why all parties need to patch. If it was just Plesk users who patched or just H-Sphere users who patched, the threat would still be present from the outside world.

In any event, we are all waiting on patching -- Plesk, H-Sphere, and other Parallels products as every patched server contributes to the overall health of the net.

Thank you.
 
You must log in or register to reply here.

Similar threads

R
Resolved Bug Report: BIND Update Issue on RHEL 8
Replies
1
Views
2K
Sebahat.hadzhi
Sebahat.hadzhi
Mario Chamorro
Input Webmail 502 Bad Gateway
Replies
0
Views
2K
Mario Chamorro
Mario Chamorro
J
Resolved Can't login at Plesk admin panel (Plesk Onyx 17.0.17)
Replies
6
Views
11K
JVG
J
P
Issue Additional DNS Settings not working - no IPv6 Resolution
Replies
3
Views
4K
johnny_silverhand
J
I
Issue maria DB update plesk 18.0.50
Replies
10
Views
5K
Maarten
M
Back
Top