A vulnerability exists in the way BIND 9 handles recursive client queries that may cause additional records to be added to its cache.
BIND 9 contains a vulnerability in the way recursive client queries are handled. According to ISC:
A nameserver with DNSSEC validation enabled may incorrectly add unauthenticated records to its cache that are received during the resolution of a recursive client query with checking disabled (CD), or when the nameserver internally triggers a query for missing records for recursive name resolution. Cached records can be returned in response to subsequent client queries with or without requesting DNSSEC records (DO). In addition, some of them can be returned to queries with or without checking disabled (CD).
An attacker may be able to manipulate cache data and perform DNS Cache Poisoning.
Disable DNSSEC Validation
ISC credits Michael Sinatra, UC Berkeley with finding this issue.
This document was written by Chris Taschner.
|Date First Published:||2009-12-01|
|Date Last Updated:||2010-01-19 19:08 UTC|