The ISC and DShield websites will be unavailable on Wednesday Nov 25th from 8-8:30 am EST.

BIND Security Advisory (DNSSEC only)

Published: 2009-11-24. Last Updated: 2009-11-24 17:19:44 UTC
by John Bambenek (Version: 1)
0 comment(s)

The other ISC (Internet Systems Consortium) has released a security advisory on BIND and security patches for nameservers running with DNSSEC validation enabled. Essentially it is possible for inappropriate caching of records from the additional records section of a query response. Typically, however, resolvers don't query in such a way as to make this a wide-impacting problem for the bulk of users.

You can read the advisory here.

Upgrade to 9.4.3-P4, 9.5.2-P1 or 9.6.1-P2.

--
John Bambenek
bambenek at gmail /dot/ com

Keywords: bind cache poisoning dnssec isc
0 comment(s)

Microsoft Security Advisory 977981 - IE 6 and IE 7

Published: 2009-11-24. Last Updated: 2009-11-24 01:50:07 UTC
by Rick Wanner (Version: 1)
0 comment(s)

Related to Marc's Diary from 11/23, Microsoft has released Security Advisory 977981.  It details vulnerabilites in Internet Explorer 6 and 7 on various operating systems.  The advisory does not provide any patches or new versions at this point, but does provide several recommendations for mitigation.

 

-- Rick Wanner - rwanner at isc dot sans dot org

Keywords: Internet Explorer microsoft vulnerability
0 comment(s)

Comments

Login here to join the discussion.


Diary Archives