Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: BIND Security Advisory (DNSSEC only) - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
BIND Security Advisory (DNSSEC only)

The other ISC (Internet Systems Consortium) has released a security advisory on BIND and security patches for nameservers running with DNSSEC validation enabled. Essentially it is possible for inappropriate caching of records from the additional records section of a query response. Typically, however, resolvers don't query in such a way as to make this a wide-impacting problem for the bulk of users.

You can read the advisory here.

Upgrade to 9.4.3-P4, 9.5.2-P1 or 9.6.1-P2.

--
John Bambenek
bambenek at gmail /dot/ com

John

245 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!