Thursday, September 4, 2008

DNS Cache Poisoning 2008

In July 2008 Dan Kaminsky disclosed that essentially every recursive DNS resolver was vulnerable to cache poisoning. The root cause is not the transaction ID itself but how little an attacker has to guess: when a resolver sends all of its queries from a single fixed source port, the 16-bit transaction ID is the only unknown, and Kaminsky's technique lets the attacker retry until the forged answer lands. The fix most DNS vendors have shipped is to randomize the source port of every outgoing query, so the attacker must guess both the port and the ID. Upgrade your DNS server software to the patched version, then run the following test from a host that uses that server as its resolver (the test measures whichever resolver actually sends the queries to the Internet, so if your server forwards to another resolver you are testing the forwarder):

dig +short porttest.dns-oarc.net TXT

It should come back with something like

porttest.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net.
"x.x.x.x is GREAT: 26 queries in 0.7 seconds from 26 ports with std dev 19513"

If you see GREAT (or GOOD), your resolver is randomizing source ports and you're good. FAIR or POOR means the queries are still leaving from a fixed or predictable port, so you still have work to do: confirm the running binary is really the patched version, check that the configuration does not pin the query source port (for example BIND's query-source port option), and make sure there is no NAT device between the server and the Internet that rewrites source ports into a predictable sequence, which undoes the randomization the test is looking for.
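To make the rating concrete, here is an added example (my own code, not anything from DNS-OARC or the original post) that does two things: it parses the TXT answer that dig prints, and it computes the same two statistics the rating is built on, distinct source-port count and standard deviation, over three constructed port samples. The thresholds in rate_ports() and the 192.0.2.10 address are illustrative assumptions, not DNS-OARC's actual cut-offs or output.

```python
"""Source-port randomness check in the style of porttest.dns-oarc.net.

parse_porttest() reads the TXT answer returned by
    dig +short porttest.dns-oarc.net TXT
port_stats() / rate_ports() show what that rating measures, applied to
constructed samples of source ports (not captured traffic).  The rating
thresholds below are assumed for illustration, not DNS-OARC's real ones.
"""
import re
import statistics

# The TXT string looks like:
#   "x.x.x.x is GREAT: 26 queries in 0.7 seconds from 26 ports with std dev 19513"
PORTTEST_RE = re.compile(
    r'"(?P<ip>[0-9A-Fa-f.:]+) is (?P<rating>GREAT|GOOD|FAIR|POOR): '
    r'(?P<queries>\d+) queries in (?P<seconds>[0-9.]+) seconds from '
    r'(?P<ports>\d+) ports with std dev (?P<std_dev>\d+)"'
)


def parse_porttest(dig_output):
    """Return the fields of the porttest TXT record, or None if it is absent.

    `dig +short` also prints the CNAME chain (porttest.y.x.w....pt.dns-oarc.net.)
    before the TXT string; lines that do not match the TXT answer are skipped.
    """
    for line in dig_output.splitlines():
        m = PORTTEST_RE.search(line)
        if m:
            return {
                "ip": m.group("ip"),
                "rating": m.group("rating"),
                "queries": int(m.group("queries")),
                "seconds": float(m.group("seconds")),
                "ports": int(m.group("ports")),
                "std_dev": int(m.group("std_dev")),
            }
    return None


def port_stats(ports):
    """Distinct source-port count and population std dev of the sample."""
    return len(set(ports)), statistics.pstdev(ports)


def rate_ports(ports):
    """Rate a port sample. Assumed thresholds: GREAT >= 15000, GOOD >= 10000,
    FAIR >= 2000, otherwise POOR.  One port, or a near-zero std dev (ports
    handed out sequentially), leaves only the 16-bit transaction ID to guess.
    """
    distinct, sd = port_stats(ports)
    if distinct <= 1 or sd < 2000:
        return "POOR"
    if sd < 10000:
        return "FAIR"
    if sd < 15000:
        return "GOOD"
    return "GREAT"


# Constructed samples, 26 queries each (matching the 26 queries in the page's output).
FIXED_PORTS = [53] * 26                                # every query from one pinned port
SEQUENTIAL_PORTS = list(range(32768, 32768 + 26))      # 26 distinct ports, but predictable
SPREAD_PORTS = [1024 + i * 2500 for i in range(26)]    # spread across the port range

# Constructed dig output; 192.0.2.10 is a documentation address, not a real resolver.
SAMPLE_DIG_OUTPUT = """\
porttest.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net.
"192.0.2.10 is GREAT: 26 queries in 0.7 seconds from 26 ports with std dev 19513"
"""

if __name__ == "__main__":
    print(parse_porttest(SAMPLE_DIG_OUTPUT))
    for name, sample in (("fixed", FIXED_PORTS),
                         ("sequential", SEQUENTIAL_PORTS),
                         ("spread", SPREAD_PORTS)):
        distinct, sd = port_stats(sample)
        print(f"{name:10s} distinct={distinct:2d} std_dev={sd:8.1f} -> {rate_ports(sample)}")
```

The sequential sample is the case worth noticing: it uses 26 different ports, yet its standard deviation is about 7.5, so an attacker who sees one query can predict the next port. That is why the rating looks at the spread of the ports and not only at how many distinct ones were used, and why a NAT that allocates ports in order can turn a patched resolver back into a POOR one.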

Another option, if you would rather not use dig, is DNS-OARC's Web-based DNS Randomness Test, which runs the same kind of check from a browser against whatever resolver the browsing host is using.

If you want to read the original CERT writeup about the vulnerability (US-CERT Vulnerability Note VU#800113), it's here.