BIND 8.2.4 vulnerability scope

Darren Spruell phatbuckett at
Tue Jan 2 23:49:55 UTC 2007

On 1/2/07, Mark Andrews <Mark_Andrews at> wrote:
> > Question is, is disabling recursion on the affected host enough to
> > mitigate all known vulnerabilities against this software version, or
> > do any of the known flaws work via non-recursive queries as well?
> > Also, is the community aware of any holes in this version of the
> > software that may not have made it into the vulnerability matrix that
> > would warrant an update as well?
> >
> > I realize that the short answer is "just update" but the client likes
> > to have the option of workarounds where possible.
> >
> > Thanks in advance,
> >
> > DS
>         BIND 8 is dead.  The only part of BIND 8 that gets updated
>         these days is libbind and that is shipped as part of BIND 9.

Thanks for the notice. We'll begin an upgrade.

In the meantime, is my belief about mitigating known vulnerabilities
by disabling recursion correct for a workaround?


More information about the bind-users mailing list