PLEASE READ: An important security announcement from ISC
ISC has been notified by Haixin Duan (a professor at Tsinghua
University in Beijing China, who is currently visiting the
International Computer Science Institute (ICSI) at the University
of California, Berkeley) about a DNS resolver vulnerability that
potentially allows a party to keep a domain name in the cache
even after that domain name has been expired
ISC is evaluating the risk of this vulnerability, but his published
paper shows how this was demonstrated, live across the Internet.
It lists several DNS implementations and open resolver deployments
as vulnerable. All BIND 9 versions are currently considered
vulnerable.
A more detailed description of this vulnerability and ISC's
planned response can be found at:
https://www.isc.org/software/bind/advisories/cve-2012-1033
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
