CVE-2007-2925
Published: 24 July 2007
The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache.
Notes
Author | Note |
---|---|
kees | recursion should be a admin policy, and is already mediated by edgy+ bind default configs |