IBM Information for VU#734644
ISC BIND 8 vulnerable to cache poisoning via negative responses
- Vendor Information Help Date Notified: 21 Oct 2003
- Statement Date:
- Date Updated: 03 Dec 2003
The AIX operating system is vulnerable to the BIND8 cache poisoning attack in releases 4.3.3, 5.1.0 and 5.2.0 . The APAR's for this fix and their availablity are listed below.
APAR number for AIX 4.3.3: IY49899 (available 2/25/2004)
APAR number for AIX 5.1.0: IY49881 (available)
APAR number for AIX 5.2.0: IY49883 (available 12/24/2003)
These APARs can be downloaded by following the link for IBM's Fix Central at:
The vendor has not provided us with any further information regarding this vulnerability.
IBM has published APAR IY49881 regarding this vulnerability. For more information, please see:
If you have feedback, comments, or additional information about this vulnerability, please send us email.