Impact: DoS
Where: From local network
OS: NetBSD 1.x
CVE reference: CAN-2003-0914
Description:
NetBSD has issued updated packages for bind. These fix a vulnerability, which can be exploited by malicious people to poison the DNS cache with negative entries.
For more information:
SA10300
The vulnerability affects the following versions:
* NetBSD-current (source prior to Nov 27, 2003)
* NetBSD 1.6.2_RC2
* NetBSD 1.6.2_RC1
* NetBSD 1.6
* NetBSD-1.5.3
* NetBSD-1.5.2
* NetBSD-1.5.1
* NetBSD-1.5
* pkgsrc (bind8 packages prior to 8.4.3)
Solution:
The vulnerability has been addressed in the following versions:
* NetBSD-current (Nov 27, 2003)
* NetBSD-1.6.2_RC3
* NetBSD-1.5 branch (Nov 28, 2003)
* pkgsrc (bind8-8.4.3)
Original Advisory:
ftp://ftp.netbsd.org/pub/NetBSD/...sories/NetBSD-SA2003-018.txt.asc
http://www.secunia.com/advisories/10450/

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic