Nominum Information for VU#800113

Multiple DNS implementations vulnerable to cache poisoning

Status

Affected

Vendor Statement

Nominum has implemented source port randomization in CNS versions
3.0.4.0 and Vantio versions 3.3.1.0 and above.  Users of older  versions of CNS
and Vantio are strongly advised to upgrade.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

None

Addendum

Nominum has also published additional details about this issue in the following document:

<http://www.nominum.com/asset_upload_file741_2661.pdf>

If you have feedback, comments, or additional information about this vulnerability, please send us email.