[dns-operations] BIND Security Advisory

Tom Daly tom at dyn.com
Tue Jul 28 23:12:31 UTC 2009

> A purely cache only server should not be affected. Being auth for a  
> single zone would make you be vulnerable.

Some quick and dirty research/testing on our side indicates that being an authoritative slave doesn't make you vulnerable either, it is only if you are authoritative master, i.e.:

zone blat.com {
  type master;

Then again, if you choose to be RFC1912 compliant, you probably made yourself vulnerable.

Anyone from ISC want to confirm?


More information about the dns-operations mailing list