MNBSD-2008-6: BIND DNS cache poisoning (Kaminsky) fixed by updating to 9.4.1p1

Severity: Unknown

Affected Package: bind

Summary: BIND DNS cache poisoning (Kaminsky) fixed by updating to 9.4.1p1

Description

BIND was updated to 9.4.1p1 to address the widely reported DNS cache poisoning vulnerability (the Kaminsky attack) affecting most DNS software, which allowed remote attackers to spoof DNS responses. Users were recommended to update to the latest version in src on RELENG_0_2 or CURRENT, or via mports. This corresponds to FreeBSD-SA-08:06.bind.

Affected Versions

bind

Recommendations

No specific recommendations provided.

References

Additional Information

Aliases: CVE-2008-1447

Published: July 11, 2008
Last Modified: July 11, 2008