[ga] DNS Tool cache poisining security problem

["Jeffrey A. Williams" <jwkckid1@xxxxxxxxxxxxx>]

All

  For those of you that may use or have providers that use
djbdns, see the following:

09.9.21 CVE: CVE-2008-4392
Platform: Cross Platform
Title: djbdns dnscache SOA Requests Remote Cache Poisoning
Description: djbdns is a suite of Domain Name System (DNS) tools. The
dnscache (caching/resolver server) component of djbdns is exposed to a
DNS cache poisoning issue that arises because the application fails to
handle SOA (Start of Authority) records in a proper manner. djbdns
version 1.05 is affected.
Ref: http://www.securityfocus.com/bid/33818

Regards,

Spokesman for INEGroup LLA. - (Over 284k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
   Abraham Lincoln
"YES WE CAN!"  Barack ( Berry ) Obama

"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt

"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng.  INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1@xxxxxxxxxxxxx
My Phone: 214-244-4827