Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - SANS Internet Storm Center InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
The ISC and DShield websites will be unavailable on Wednesday Nov 25th from 8-8:30 am EST.

BIND Security Advisory (DNSSEC only)

Published: 2009-11-24
Last Updated: 2009-11-24 17:19:44 UTC
by John Bambenek (Version: 1)
0 comment(s)

The other ISC (Internet Systems Consortium) has released a security advisory on BIND and security patches for nameservers running with DNSSEC validation enabled. Essentially it is possible for inappropriate caching of records from the additional records section of a query response. Typically, however, resolvers don't query in such a way as to make this a wide-impacting problem for the bulk of users.

You can read the advisory here.

Upgrade to 9.4.3-P4, 9.5.2-P1 or 9.6.1-P2.

John Bambenek
bambenek at gmail /dot/ com

0 comment(s)

Microsoft Security Advisory 977981 - IE 6 and IE 7

Published: 2009-11-24
Last Updated: 2009-11-24 01:50:07 UTC
by Rick Wanner (Version: 1)
0 comment(s)

Related to Marc's Diary from 11/23, Microsoft has released Security Advisory 977981.  It details vulnerabilites in Internet Explorer 6 and 7 on various operating systems.  The advisory does not provide any patches or new versions at this point, but does provide several recommendations for mitigation.


-- Rick Wanner - rwanner at isc dot sans dot org

0 comment(s)
Diary Archives