A change has been made to CERT Advisory CA-2002-19. The workaround of using a local caching DNS server is not completely effective. Some malicious DNS responses can be cached, reconstructed, and passed on to systems that may have vulnerable DNS resolver libraries.
Affected systems are:
- Internet Software Consortium (ISC) Berkeley Internet Name Domain (BIND) DNS resolver library (libbind);- Berkeley Software Distribution (BSD) DNS resolver library (libc);- GNU DNS resolver library (glibc).
For more information, click here.