Searching the title of the vulnerability with google results one PDF document. http://www.google.co.jp/#q=Ghost+Domain+Names:+Revoked+Yet+Still+Resolvable+PDF
It shows details. -- Kazunori Fujiwara > From: Michael McNally <mcna...@isc.org> > PLEASE READ: An important security announcement from ISC > > ISC has been notified by Haixin Duan (a professor at Tsinghua > University in Beijing China, who is currently visiting the > International Computer Science Institute (ICSI) at the University > of California, Berkeley) about a DNS resolver vulnerability that > potentially allows a party to keep a domain name in the cache > even after that domain name has been expired > > ISC is evaluating the risk of this vulnerability, but his published > paper shows how this was demonstrated, live across the Internet. > It lists several DNS implementations and open resolver deployments > as vulnerable. All BIND 9 versions are currently considered > vulnerable. > > A more detailed description of this vulnerability and ISC's > planned response can be found at: > > https://www.isc.org/software/bind/advisories/cve-2012-1033 > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to > unsubscribe from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
