Sun Microsystems Inc. Information for VU#734644

ISC BIND 8 vulnerable to cache poisoning via negative responses

Status

Affected

Vendor Statement

All supported releases of Solaris (ie Solaris 7, 8 and 9)
are affected by this issue. We have published a Sun Alert which is
available from:
http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=fsalert/57434

It describes a possible workaround that can be used until official patches
are released.

Supported Cobalt platforms and Sun Linux 5.0 are also affected. A Sun
Alert will be published and will be available from:
http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=fsalert/

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.