CVE-2003-0914 Information

Description

ISC BIND 8.3.x before 8.3.7 and 8.4.x before 8.4.3 allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.

Reference

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-003.0/CSSA-2004-003.0.txt ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.33/CSSA-2003-SCO.33.txt http://secunia.com/advisories/10542 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57434 http://www.debian.org/security/2004/dsa-409 http://www.kb.cert.org/vuls/id/734644 http://www.trustix.org/errata/misc/2003/TSL-2003-0044-bind.asc.txt https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A2011