BIND Vulnerability Patch
Kevin Darcy
kcd at daimlerchrysler.com
Thu Oct 19 19:56:30 UTC 2000
BIND 8 would be far preferable to BIND 4. In fact, you may even want to consider
BIND 9, which I don't think is missing any of the functionality you're used to in
BIND 4, just some BIND 8 goodies.
If you want to stick with vendor-supplied software, upgrade your OS to Solaris 7
or Solaris 8, which includes a BIND 8-based nameserver and resolver libraries.
- Kevin
Kent A. Yamamoto wrote:
> A scan on our DNS showed a vulnerability (ie., illegally formatted DNS request
> can crash some BIND servers). The recommendation is to upgrade to BIND 4.9.7 or
> BIND 8.2.2-P5. The DNS is
> currently running Solaris 2.6 software and BIND 4.9.4. Do you suggest upgrading
> to BIND 8.x
> instead of using BIND 4.9.7? Furthermore, do you have the BIND 4.9.7 patch?
>
> Regards,
> Kent
More information about the bind-users
mailing list