1 Developers Needed For HackThisSite v6

Incomplete projects are a staple of HackThisSite, and the best solution to this problem is to create more projects to never get completed! First with v4, the project ran stagnate for over four years until it was finally scrapped. Then v5 happened, and went through a series of transitions and rewrites, and is still (not) going strong after 3+ years of work. So rather than waste more time on wasted time, what better idea is there than to start fresh, again?

With v6, we plan on writing everything in as many languages as we can muster, to keep people from getting bored and to keep future developers from being able to maintain it! The expected languages include Ruby, Perl, Python, PHP, Java, node.js, C, C++, C--, C+-, C#, Visual Basic 6, Lisp, Lua, Ada, x86 Assembly, Prolog, Fortran, Cobol, Herp-a-Derp, Brainfuck, and any other languages people can throw at us. We need developers who aren't afraid to never complete a project, not meet deadlines, and fail to deliver on promises.

1 DNS poisoning via Port Exhaustion

Today we are releasing a very interesting whitepaper which describes a DNS poisoning attack against stub resolvers.
It discloses two vulnerabilities:

1. A vulnerability in Java (CVE-2011-3552, CVE-2010-4448) which enables remote DNS poisoning using Java applets. This vulnerability can be triggered when opening a malicious webpage. A successful exploitation of this vulnerability may lead to disclosure and manipulation of cookies and web pages, disclosure of NTLM credentials and clipboard data of the logged-on user, and even firewall bypass.
2. A vulnerability in multiuser Windows environments which enables local DNS cache poisoning of arbitrary domains. This  vulnerability can be triggered by a normal user (i.e. one with non-administrative rights) in order to attack other users of the system. A successful exploitation of this vulnerability may lead to information disclosure, privilege escalation, universal XSS and more.