PLEASE READ: An Important Security Announcement from ISC
Michael McNally
mcnally at isc.org
Wed Feb 8 05:57:17 UTC 2012
PLEASE READ: An important security announcement from ISC
ISC has been notified by Haixin Duan (a professor at Tsinghua
University in Beijing China, who is currently visiting the
International Computer Science Institute (ICSI) at the University
of California, Berkeley) about a DNS resolver vulnerability that
potentially allows a party to keep a domain name in the cache
even after that domain name has been expired
ISC is evaluating the risk of this vulnerability, but his published
paper shows how this was demonstrated, live across the Internet.
It lists several DNS implementations and open resolver deployments
as vulnerable. All BIND 9 versions are currently considered
vulnerable.
A more detailed description of this vulnerability and ISC's
planned response can be found at:
https://www.isc.org/software/bind/advisories/cve-2012-1033
More information about the bind-users
mailing list