Danny Mayer mayer at gis.net
Mon Dec 14 14:54:14 UTC 2009

supriya samanta wrote:
> Hello All,
> As per ISC security bulletin *CVE-2009-4022* There is a problem with
> BIND 9 Cache Update From Additional Section
> *Problem Description:* A Nameserver with DNSSEC validation enabled may
> incorrectly add records to its cache from the additional section of
> responses received during resolution of a recursive client query.This
> behavior only occurs when processing client queries with checking disabled
> (CD).It may occur both when requesting,and not when requesting,DNSSEC
> records(DO).If the nameserver is authoritative-only this will not occur.
> We have some business requirement where we need to reproduce the problem.
> Could anyone advice a test case which I may use or direct me to some
> website which could be useful for this purpose.

You should contact ISC directly about this rather than the mailing list.


This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the bind-users mailing list