| Name | CVE-2006-0527 |
| Description | BIND 4 (BIND4) and BIND 8 (BIND8), if used as a target forwarder, allows remote attackers to gain privileged access via a "Kashpureff-style DNS cache corruption" attack. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|
| bind | source | (unstable) | 1:8.4.7-1 | low | | |
Notes
[sarge] - bind <no-dsa> (Architectual limitatiom, upgrade to BIND 9 as a a fix)
BIND 8 is unsuitable for forwarder use because of its
architecture. Upgrade to BIND 9 as a fix.
This was fixed in sid by documenting it as an unfixable design limitation