C-Note-06-017: Hewlett-Packard HP-UX Running BINDv4 Domain Name Server (DNS) (5/25/2006)

A potential security vulnerability has been identified with HP-UX running the BINDv4 Domain Name that would be exploited to poison the DNS cache leading to remote unauthorized access of Denial of Service (DoS). The potential vulnerability may be avoided by blocking access to the system from untrusted systems or by disabling DNS recursion.

CIAC would like to thank Hewlett-Packard for this information. Please visit their web site to read the article:

Visit Hewlett-Packard Subscription Service for:
HPSBUX02117 SSRT2400 rev.1