[dns-operations] BIND vulnerability affecting DNSSEC-validating resolvers
Rickard Dahlstrand
rickard.dahlstrand at iis.se
Thu Dec 3 08:26:12 UTC 2009
Hi,
Just wanted to remind everybody who is running DNSSEC-validating BIND resolver that they will need to update to 9.4.3-P4, 9.5.2-P1 or 9.6.1-P2 as soon as they can.
This vulnerability is real and allows a user to inject records into the cache. It is rated medium by ISC since it only affects DNSSEC-validating resolvers, but yesterday ISC upgraded this to a severe rating for users with DNSSEC validation turned on.
More information about this can be found at https://www.isc.org/node/504
Kind Regards, Rickard Dahlstrand, .SE
More information about the dns-operations
mailing list