Ubuntu: Bind vulnerability


 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) Ubuntu: Bind vulnerability
# 1  
Old 12-07-2009
Ubuntu: Bind vulnerability

LinuxSecurity.com: Michael Sinatra discovered that Bind did not correctly validate certain records added to its cache. When DNSSEC validation is in use, a remote attacker could exploit this to spoof DNS entries and poison DNS caches. Among other things, this could lead to misdirected email and web traffic.

More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question
DNSSEC-CHECKDS(8)						       BIND9							 DNSSEC-CHECKDS(8)

NAME
dnssec-checkds - A DNSSEC delegation consistency checking tool. SYNOPSIS
dnssec-checkds [-l domain] [-f file] [-d dig path] [-D dsfromkey path] {zone} dnssec-dsfromkey [-l domain] [-f file] [-d dig path] [-D dsfromkey path] {zone} DESCRIPTION
dnssec-checkds verifies the correctness of Delegation Signer (DS) or DNSSEC Lookaside Validation (DLV) resource records for keys in a specified zone. OPTIONS
-f file If a file is specified, then the zone is read from that file to find the DNSKEY records. If not, then the DNSKEY records for the zone are looked up in the DNS. -l domain Check for a DLV record in the specified lookaside domain, instead of checking for a DS record in the zone's parent. For example, to check for DLV records for "example.com" in ISC's DLV zone, use: dnssec-checkds -l dlv.isc.org example.com -d dig path Specifies a path to a dig binary. Used for testing. -D dsfromkey path Specifies a path to a dnssec-dsfromkey binary. Used for testing. SEE ALSO
dnssec-dsfromkey(8), dnssec-keygen(8), dnssec-signzone(8), AUTHOR
Internet Systems Consortium COPYRIGHT
Copyright (C) 2012, 2013 Internet Systems Consortium, Inc. ("ISC") BIND9 April 11, 2012 DNSSEC-CHECKDS(8)