VeriSign adds DNS wild-cards
It seems there's another remote exploit in the wild against portable
versions of OpenSSH.
There is an advisory
about it, and some mail.
OpenBSDs included OpenSSH isn't
affected apparently. I guess it's because of
W^X and Propolice — proactive security.
Some companies really don't have a clue. Take for example Verisign.
They just added a wildcard
A record for the
.net TLDs, so when
you ask for some nonexistent
you get redirected to sitefinder.verisign.com.
Fortunately it's a fixable problem, look at these Verisign
The sitefinder.verisign.com server seems to be down now. Perhaps those lame script kiddiots made themselves useful for once.