[VIM] Recent HP advisories outline BIND problems
Steven M. Christey
coley at mitre.org
Thu Feb 16 01:26:00 EST 2006
An update to an HP advisory provided more details on the issue, where
they originally had been extremely vague.
It quotes the ISC web page as saying:
"BIND4/BIND8 Unsuitable for Forwarder Use... If a nameserver -- any
nameservEr, whether BIND or otherwise -- is configured to use
'forwarders', then none of the target forwarders can be running
BIND4 or BIND8. Upgrade all nameservers used as 'forwarders' to
BIND9. There is a current, wide scale Kashpureff-style DNS cache
corruption attack which depends on BIND4 and BIND8 as 'forwarders'
targets."
This turns out to be related to some series of attacks that took place
in April 2005 and further exposed by Dan Kaminsky in August:
http://computerworld.com/networkingtopics/networking/story/0,10801,103744,00.html
So it's been publicly known for a while.
Just FYI in case I'm not the only person who missed all this when it
first happened ;-)
- Steve
More information about the VIM
mailing list