Whom the BIND newest vulnerability concerns?
Hello,
the slink (stable) version of bind (1:8.1.25) is relatively old and -
according to
http://www.isc.org/products/BIND/bind-security-19991108.html
- it contains a few security bugs.
The newest vulnerability _may_ lead to remote root compromise.
Is a corrected package expected?
I'm a little scared of this latest bug... It is connected with "the
processing of NXT records". I haven't managed to find a clear description
of this type (NXT) records; seems this is quite new type.
So my concern is: if a server has _not_ such records in its own files, is
it vulnerable?
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
tomek@lodz.tpsa.pl http://www.lodz.tpsa.pl/ | ones and zeros.
Reply to: