supriya samanta supriya.iem at gmail.com
Thu Dec 10 17:33:59 UTC 2009

 Hello All,

As per ISC security bulletin *CVE-2009-4022* There is a problem with BIND 9
Cache Update From Additional Section

*Problem Description:* A Nameserver with DNSSEC validation enabled may
incorrectly add records to its cache from the additional section of
responses received during resolution of a recursive client query.This
behavior only occurs when processing client queries with checking disabled
(CD).It may occur both when requesting,and not when requesting,DNSSEC
records(DO).If the nameserver is authoritative-only this will not occur.

We have some business requirement where we need to reproduce the problem.

Could anyone advice a test case which I may use or direct me to some website
which could be useful for this purpose.

Any help will be appreciated.

Many Thanks,
Supriya Samanta
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20091210/471b9bf6/attachment.html>

More information about the bind-users mailing list