CVE-2007-0493: If recursion is enabled, a remote attacker can dereference a freed fetch context causing the daemon to abort / crash.
CVE-2007-0494: By sending specific DNS query responses with multiple RRSETS attackers could cause BIND to exit abnormally. Is this of relevance also for OpenBSD's bind? I guess not, but maybe some insider could shed some photons on it. -- Stephan A. Rickauer ----------------------------------------------------------- Institute of Neuroinformatics Tel +41 44 635 30 50 University / ETH Zurich Sec +41 44 635 30 52 Winterthurerstrasse 190 Fax +41 44 635 30 53 CH-8057 Zurich Web www.ini.unizh.ch RSA public key: https://www.ini.uzh.ch/~stephan/pubkey.asc -----------------------------------------------------------
