SUSE Security Announcement 2009:059: bind

20

   The bind DNS server was updated to close a possible cache poisoning    vulnerability which allowed to bypass DNSSEC.     This problem can only happen after the other spoofing/poisoning    mechanisms have been bypassed already (the port and transaction id    randomization). Also this can only happen if the server is setup for 

DNSSEC. Due to this limitation we consider this a minor issue…

Read More