On Wed, 30 Jul 2008, Baird, Josh wrote:

> First and foremost, you need to upgrade your version of BIND. It is
> vulnerable to the recent DNS cache poisoning vulnerability that I'm sure
> you have heard about by now..


> -----Original Message-----
> OK, so I'm not running *real* BIND, but Redhat's "special" version
> (bind-9.2.4-22.el3).


That bind-9.2.4-22.el3 appears to be Red Hat's fixed version:

http://www.redhat.com/archives/rhsa-.../msg00007.html
http://rhn.redhat.com/errata/RHSA-2008-0533.html
https://www.redhat.com/security/updates/backporting/