Discussion:
BIND
(too old to reply)
Ken Connelly
2008-07-09 13:21:12 UTC
Permalink
Presumably the BIND 8 in MultiNet 5.1 (and earlier) and the BIND 9 in
MultiNet 5.2 are affected by the cache poisoning vulnerability announced
yesterday. Are there plans to fix both? Or just the BIND 9 since that
is all that ISC is patching? In either case, do you have a timeframe?

To make this an official request, there's a Bcc: to ***@process.com
as well as the general query to the list.

Thanks!
--
- Ken
=================================================================
Ken Connelly Associate Director, Security and Systems
ITS Network Services University of Northern Iowa
email: ***@uni.edu p: (319) 273-5850 f: (319) 273-7373
Ralph Young
2008-07-09 13:23:17 UTC
Permalink
Hi Ken -

We are looking at the vulnerability now and will be patching Bind 9.

It's not clear yet if it is also a vulnerability in Bind 8.x

-Ralph Young
Process Software

-----Original Message-----

Presumably the BIND 8 in MultiNet 5.1 (and earlier) and the BIND 9 in
MultiNet 5.2 are affected by the cache poisoning vulnerability announced
yesterday. Are there plans to fix both? Or just the BIND 9 since that
is all that ISC is patching? In either case, do you have a timeframe?

To make this an official request, there's a Bcc: to ***@process.com
as well as the general query to the list.

Thanks!
--
- Ken
=================================================================
Ken Connelly Associate Director, Security and Systems
ITS Network Services University of Northern Iowa
email: ***@uni.edu p: (319) 273-5850 f: (319) 273-7373
Ken Connelly
2008-07-09 13:34:23 UTC
Permalink
Thanks, Ralph. Alan Clegg from ISC has stated publicly
(http://lists.sans.org/pipermail/unisog/attachments/20080708/de25682c/attachment.eml)
that BIND 8 is also vulnerable, but won't be patched by ISC since that
version is no longer supported by ISC.

- ken
Post by Ralph Young
Hi Ken -
We are looking at the vulnerability now and will be patching Bind 9.
It's not clear yet if it is also a vulnerability in Bind 8.x
-Ralph Young
Process Software
-----Original Message-----
Presumably the BIND 8 in MultiNet 5.1 (and earlier) and the BIND 9 in
MultiNet 5.2 are affected by the cache poisoning vulnerability
announced yesterday. Are there plans to fix both? Or just the BIND 9
since that is all that ISC is patching? In either case, do you have a
timeframe?
To make this an official request, there's a Bcc: to
Thanks!
--
- Ken
=================================================================
Ken Connelly Associate Director, Security and Systems
ITS Network Services University of Northern Iowa
email: ***@uni.edu p: (319) 273-5850 f: (319) 273-7373
Loading...