BIND 8.2.4 vulnerability scope

Darren Spruell phatbuckett at
Tue Jan 2 18:58:58 UTC 2007

I've identified a bind 8.2.4 installation for which we are determining
options for updating or remediating vulnerabilities. According the to
the BIND vulnerability matrix, 8.2.4 is listed as vulnerable to a
number of attacks, including, "libbind", "DoS_multi", "sigrec" and
"negcache." From what I can tell, each of these relates to a flaw in
handling of answers to recursive queries.

Question is, is disabling recursion on the affected host enough to
mitigate all known vulnerabilities against this software version, or
do any of the known flaws work via non-recursive queries as well?
Also, is the community aware of any holes in this version of the
software that may not have made it into the vulnerability matrix that
would warrant an update as well?

I realize that the short answer is "just update" but the client likes
to have the option of workarounds where possible.

Thanks in advance,


More information about the bind-users mailing list