Bug puts net’s most popular DNS app in Bind

Makers of Bind have warned of a security vulnerability in versions of the domain name resolution application that could allow attackers to trick servers into returning unauthorized results.

The bug in the Berkeley Internet Name Domain program surfaces only when the DNSSEC security implementation is enabled and the name server accepts queries from the internet at large, a designation known as recursive. The combination of name servers being both recursive and using DNSSEC to validate records is rare, according to this advisory from the Internet Systems Consortium, which maintains Bind.

Source

Digg this!
Share this on Reddit
Share this on del.icio.us
Stumble upon something good? Share it on StumbleUpon
Tweet This!
Share this on Facebook
Ping this on Ping.fm
Share this on Technorati

This entry was posted on Wednesday, November 25th, 2009 at 8:02 amand is filed under DNS, Open-Source, Vulnerabilities. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

uncompiled.com

Bug puts net’s most popular DNS app in Bind

Leave a Reply

Categories

Archives

New Files

Comics

Conferences

Friends

Organizations

Podcasts

Programming