Alcatel Information for VU#581682
ISC BIND 8 fails to properly dereference cache SIG RR elements with invalid expiry times from the internal database
- Vendor Information Help Date Notified:
- Statement Date:
- Date Updated: 25 Feb 2003
Unknown. If you are the vendor named above, please contact us to update your status.
Following CERT advisory CA-2002-31 on security vulnerabilities in the ISC BIND implementation, Alcatel has conducted an immediate assessment to determine any impact this may have on our portfolio. A first analysis has shown that the following products (OmniSwitch 6600, 7700, 8800) may be impacted. Customers may wish to contact their support for more details. The security of our customers' networks is of highest priority for Alcatel. Therefore we continue to test our product portfolio against potential ISC BIND security vulnerabilities and will provide updates if necessary.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.