PLEASE READ: An Important Security Announcement from ISC

Kazunori Fujiwara fujiwara at
Wed Feb 8 10:40:51 UTC 2012

Searching the title of the vulnerability with google results one PDF document.

It shows details.

Kazunori Fujiwara

> From: Michael McNally <mcnally at>
> PLEASE READ:  An important security announcement from ISC
>   ISC has been notified by Haixin Duan (a professor at Tsinghua
>   University in Beijing China, who is currently visiting the
>   International Computer Science Institute (ICSI) at the University
>   of California, Berkeley) about a DNS resolver vulnerability that
>   potentially allows a party to keep a domain name in the cache
>   even after that domain name has been expired
>   ISC is evaluating the risk of this vulnerability, but his published
>   paper shows how this was demonstrated, live across the Internet.
>   It lists several DNS implementations and open resolver deployments
>   as vulnerable. All BIND 9 versions are currently considered
>   vulnerable.
>   A more detailed description of this vulnerability and ISC's
>   planned response can be found at:
> _______________________________________________
> Please visit to
> unsubscribe from this list
> bind-users mailing list
> bind-users at

More information about the bind-users mailing list