A flaw exists in BIND 9.7.2 through 9.7.2-P1 pertaining to how an ACL is applied.
There is a flaw in BIND 9.7.2 through 9.7.2-P1 where the wrong ACL is applied. This flaw could allow access to a cache via recursion even though the ACL disallowed it. This bug is primarily a risk to operators running both authoritative and recursive DNS on the same BIND server in the same view.
A loss of confidentiality in cache data exists.
Upgrade to BIND 9.7.2-P2
This document was written by Jared Allar.
|Date First Published:||2010-09-30|
|Date Last Updated:||2010-09-30 13:49 UTC|