<br><br>
<div class="gmail_quote">
<div>
<div><font face="Arial" size="2"><span>Hello All,</span></font></div>
<div><font face="Arial" size="2"><span>       </span></font></div>
<div><font face="Arial" size="2"><span>As per ISC security bulletin <strong>CVE-2009-4022</strong> There is a problem with BIND 9 Cache Update From Additional Section</span></font></div>
<div><font face="Arial" size="2"><span>    </span></font></div>
<div><font face="Arial" size="2"><span><strong>Problem Description:</strong> A Nameserver with DNSSEC validation enabled may incorrectly add records to its cache from the additional section of responses received during resolution of a recursive client query.This behavior only occurs when processing client queries with checking disabled</span></font></div>

<div><font face="Arial" size="2"><span>(CD).It may occur both when requesting,and not when requesting,DNSSEC records(DO).If the nameserver is authoritative-only this will not occur.</span></font></div>
<div><font face="Arial" size="2"><span></span></font> </div>
<div><font face="Arial" size="2"><span>We have some business requirement where we need to reproduce the problem.</span></font></div>
<div><font face="Arial" size="2"><span></span></font> </div>
<div><font face="Arial" size="2"><span>Could anyone advice a test case which I may use or direct me to some website which could be useful for this purpose.</span></font></div>
<div><font face="Arial" size="2"><span></span></font> </div>
<div><font face="Arial" size="2"><span>Any help will be appreciated.</span></font></div>
<div><font face="Arial" size="2"><span></span></font> </div>
<div><font face="Arial" size="2"><span>Many Thanks,</span></font></div>
<div><font face="Arial" size="2"><span>Supriya Samanta</span></font></div>
<p><strong><span style="FONT-SIZE: 10pt; COLOR: green; FONT-FAMILY: 'Palatino Linotype','serif'"></span></strong><span></span></p>
<p> </p></div></div>