[dns-operations] BIND Security Advisory
Tom Daly
tom at dyn.com
Tue Jul 28 23:12:31 UTC 2009
> A purely cache only server should not be affected. Being auth for a
> single zone would make you be vulnerable.
Some quick and dirty research/testing on our side indicates that being an authoritative slave doesn't make you vulnerable either, it is only if you are authoritative master, i.e.:
zone blat.com {
type master;
...
};
Then again, if you choose to be RFC1912 compliant, you probably made yourself vulnerable.
Anyone from ISC want to confirm?
Tom
More information about the dns-operations
mailing list