CVS 2011-1910

Mark Andrews marka at
Wed Jun 22 23:37:23 UTC 2011

In message <6134BB3286A31D4DB61E57114E8BA7C0607E497E at
m>, Jack Tavares writes:
> I would like a clarification of something about this vulnerability.
> If my named config has "recursion no", it is vulnerable to this ?
> Thanks

Potentially.  Authoritative servers make their own queries and cache
the results as part of the process of working out the addresses of
where to send NOTIFY messages.  Some of the answers to those queries
may tickle this bug.

Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at

More information about the bind-users mailing list