Bug 104480 - VeriSign added a wildcard A record to the .COM and .NET TLD DNS zones.
VeriSign added a wildcard A record to the .COM and .NET TLD DNS zones.
Status: CLOSED DUPLICATE of bug 104569
Product: Red Hat Linux
Classification: Retired
Component: bind (Show other bugs)
9
All Linux
high Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
: FutureFeature
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-09-16 01:29 EDT by Techwolf
Modified: 2007-03-27 00:09 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-02-21 13:58:35 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Techwolf 2003-09-16 01:29:00 EDT
PLEASE patch BIND to put a stop to this horriable tragity that just accoured.

Reference URL:
http://slashdot.org/articles/03/09/16/0034210.shtml?tid=126&tid=95&tid=98&tid=99

Summery: Verisign put in a top level wildcard on .com and .net domains. This is
so any missspelled domain goes to there search engine, where they profit from
it. They did this even though a person was just convited of registering
thousands of misspelled domains to trick users onto po*rn sites.

This will also break many spam filters, like spammassign.
Comment 1 Chris Ricker 2003-09-17 08:03:36 EDT
Closing as a dup of Bug #104569, since that one actually has the patch

*** This bug has been marked as a duplicate of 104569 ***
Comment 2 Dean K. Gibson 2003-09-20 20:42:41 EDT
I agree.  While technically not a bug, this fix is required for security 
features in other products to function properly;  eg, Sendmail and Postfix.  
Plus, having the fix available on RedHat would encourage wide adoption, which 
in turn would nullify the effects of VeriSign's "hijacking" of the purposes and 
RFC functions of the root servers.

The second BIND patch for this issue has been released.  I can understand if 
you want to wait a day or two for the dust to settle (the first patch has minor 
issues), but at least make some sort of announcement that a new RPM will be 
forthcoming.
Comment 3 Red Hat Bugzilla 2006-02-21 13:58:35 EST
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.

Note You need to log in before you can comment on or make changes to this bug.