

Exploits start against flaw that could hamstring huge swaths of Internet - e28eta
http://arstechnica.com/security/2015/08/exploits-start-against-flaw-that-could-hamstring-huge-swaths-of-internet/

======
e28eta
This is interesting too: [https://www.isc.org/blogs/about-cve-2015-5477-an-
error-in-ha...](https://www.isc.org/blogs/about-cve-2015-5477-an-error-in-
handling-tkey-queries-can-cause-named-to-exit-with-a-require-assertion-
failure/)

I'm curious to see how this will shake out. Have all the big players upgraded
already?

-Is there a way to weaponize the exploit, instead of just crashing the server?-

Edit: I read the POC header comment, it says no.

------
dimino
Here's a PoC I found on GitHub:
[https://github.com/robertdavidgraham/cve-2015-5477](https://github.com/robertdavidgraham/cve-2015-5477)

