Wind River Support Network

HomeDefectsLIN4-27917
Fixed

LIN4-27917 : Security Advisory - BIND - CVE-2009-4022

Created: Dec 10, 2009    Updated: May 18, 2015
Resolved Date: Sep 12, 2010
Previous ID: LIN2-8095
Found In Version: 4.0
Fix Version: 4.0
Severity: Severe
Applicable for: Wind River Linux 4
Component/s: Userspace

Description

Unspecified vulnerability in ISC BIND 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, 9.7 beta before 9.7.0b3, and 9.0.x through 9.3.x with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks via additional sections in a response sent for resolution of a recursive client query, which is not properly handled when the response is processed at the same time as requesting DNSSEC records (DO).

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4022

Steps to Reproduce

Unknown

Other Downloads


Live chat
Online