Re: Another BIND vulnerability (cache poisoning)
- From: "Jeffrey H. Coffield" <jeffrey@xxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 28 Jul 2008 10:59:04 -0700
I contacted HP support for one of my customers and got the following response:
There are 2 part to DNS.>
1) Server
- The vulnerability only affects the servers and may render it "compromised", and there is a fix for this.
2) Resolver/client
- The vulnerability will not affect the clients directly and there is no fix for it.
But if your client is pointing to a server that was compromised, the client may not get the proper answers from the affected server.
The only fix to this is to fix the affected server or point your client to another server that is not compromised.
Regards,
Jay So HP Services
Since these systems point to a corporate DNS server (at another location and the responsibility of another department) I am not asking for the patch but HP said they had one.
At other customers, the OpenVMS systems point to DNS servers provided by their ISPs and I am checking those to see if they are patched. I am using http://www.doxpara.com/ to do the test.
As I understand the problem, once the server your system points to is patched, there is nothing more you can do. If this is not correct, please let me know.
Jeffrey Coffield
www.digitalsynergyinc.com
.
- Follow-Ups:
- Re: Another BIND vulnerability (cache poisoning)
- From: Jan-Erik Söderholm
- Re: Another BIND vulnerability (cache poisoning)
- References:
- Another BIND vulnerability (cache poisoning)
- From: JF Mezei
- Another BIND vulnerability (cache poisoning)
- Prev by Date: Re: Itanium Question
- Next by Date: Re: Itanium Question
- Previous by thread: Re: Another BIND vulnerability (cache poisoning)
- Next by thread: Re: Another BIND vulnerability (cache poisoning)
- Index(es):
Relevant Pages
|
Loading
