Quit yer grinnin Melonhead…OK, pdnsd, MyDNS and Juniper have released patches so far. Others are “testing”. ISC, the makers of BIND have yet to release a patch at post time.
“The vulnerabilities described in this advisory affect implementations of the Domain Name System (DNS) protocol. Many vendors include support for this protocol in their products and may be impacted to varying degrees, if at all.”
If exploited, these vulnerabilities could cause a variety of outcomes including,
for example, a Denial-of-Service (DoS) condition. In most cases, they can expose
memory corruption, stack corruption or other types of fatal error conditions. Some
of these conditions may expose the protocol to typical buffer overflow exploits,
allowing arbitrary code to execute or the system to be modified.
[tags]DNS, BIND, Vulnerability[/tags]
