October 2010 Archives

Standardizing the Severity of Security Vulnerabilities

ISC has recently become aware of a security advisory, CVE-2010-3762, filed against BIND 9 on October 5th, 2010. ISC did not request this CVE, nor was it contacted by the submitter prior to its submission.

We believe the reported severity assessment of this CVE to be higher than is realistic. Specifically, because a recursive operator needs to have configured a specific zone to be trusted by adding a trust-anchor statement for it, we believe the impact of this vulnerability to be low.