HP have finally released patches for the cache poisoning problem (CERT vulnerability note VU#800113) that has received so much publicity recently.
HP notes that the patch will be included in the TCPIP V5.6 ECO 3 kit that is expected out soon. However, if you urgently need a patch for TCPIP V5.4 ECO 7, V5.5 ECO 3, or V5.6 ECO 2 on Alpha or Integrity, you can now obtain one. They further note that you should carefully determine if you require this patch before installing it. Most VMS systems only run the BIND Resolver. You are only (potentially) vulnerable if your system is acting as a nameserver.
Further information is available at the Networks "What's New" page.
Posted at August 12, 2008 6:48 AMComments are closed