PLEASE READ: An Important Security Announcement from ISC

Michael McNally mcnally at
Wed Feb 8 05:57:11 UTC 2012

PLEASE READ:  An important security announcement from ISC

   ISC has been notified by Haixin Duan (a professor at Tsinghua
   University in Beijing China, who is currently visiting the
   International Computer Science Institute (ICSI) at the University
   of California, Berkeley) about a DNS resolver vulnerability that
   potentially allows a party to keep a domain name in the cache
   even after that domain name has been expired

   ISC is evaluating the risk of this vulnerability, but his published
   paper shows how this was demonstrated, live across the Internet.
   It lists several DNS implementations and open resolver deployments
   as vulnerable. All BIND 9 versions are currently considered

   A more detailed description of this vulnerability and ISC's
   planned response can be found at:

More information about the bind-announce mailing list