Severity: Unknown
Affected Package: bind
Summary: BIND DNSSEC signature verification failure enabling spoofing
BIND did not properly check the return value from the OpenSSL DSA/EVP signature verification function, allowing an attacker to spoof DNSSEC-validated records (a DNSSEC/cache-poisoning attack). The fix was applied to 0.2.1 and 0.3-CURRENT. This corresponds to FreeBSD-SA-09:04.bind.
No specific recommendations provided.
Aliases: CVE-2009-0025
Published: January 15, 2009
Last Modified: January 15, 2009