PLEASE READ: An Important Security Announcement from ISC
fujiwara at wide.ad.jp
Wed Feb 8 10:40:51 UTC 2012
Searching the title of the vulnerability with google results one PDF document.
It shows details.
> From: Michael McNally <mcnally at isc.org>
> PLEASE READ: An important security announcement from ISC
> ISC has been notified by Haixin Duan (a professor at Tsinghua
> University in Beijing China, who is currently visiting the
> International Computer Science Institute (ICSI) at the University
> of California, Berkeley) about a DNS resolver vulnerability that
> potentially allows a party to keep a domain name in the cache
> even after that domain name has been expired
> ISC is evaluating the risk of this vulnerability, but his published
> paper shows how this was demonstrated, live across the Internet.
> It lists several DNS implementations and open resolver deployments
> as vulnerable. All BIND 9 versions are currently considered
> A more detailed description of this vulnerability and ISC's
> planned response can be found at:
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
> bind-users mailing list
> bind-users at lists.isc.org
More information about the bind-users