Upgrade to 2000 DNS or stay with Unix Bind (Coexistence) ?
Jonathan de Boyne Pollard
J.deBoynePollard at tesco.net
Wed Jul 23 10:54:54 UTC 2003
KP> <URL:http://www.isc.org/products/BIND/bind-security.html>
KP> Does MS maintain a similar list?
KP> [...]
AF> I haven't seen any vulnerabilities, unless you
AF> know of a site that has them listed, such as for BIND?
That's what _he_ just asked _you_.
The aggregation of the information is a difference, of course.
The ISC keeps a handy list of some of the vulnerabilities in prior
versions of BIND; whereas Microsoft keeps no such handy list for
its DNS server, instead requiring people to search databases
themselves.
Of course, Microsoft's DNS server _has_ had similar vulnerabilities.
<URL:http://www.kb.cert.org./vuls/id/109475>
<URL:http://www.kb.cert.org./vuls/id/458659>
<URL:http://support.microsoft.com./default.aspx?id=258019>
<URL:http://support.microsoft.com./default.aspx?id=258282>
<URL:http://support.microsoft.com./default.aspx?id=162927>
<URL:http://www.microsoft.com./technet/security/bulletin/MS03-009.asp?frame=true>
More information about the bind-users
mailing list