Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error, aka the "DNSSEC Validation" vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ISC BIND DNSSEC验证远程拒绝服务漏洞
Vulnerability Description
ISC BIND是美国Internet Systems Consortium(ISC)公司所维护的一套实现了DNS协议的开源软件。 ISC BIND在处理用户请求时存在漏洞,远程攻击者可能利用此漏洞导致BIND拒绝服务。在验证对type * (ANY)请求的响应时如果请求在回答会话中返回了多个RRset的话就可能触发异常处理,导致BIND拒绝服务。仅在用户通过指定可信任密钥在named.conf中启用了dnssec验证的情况下才会出现这个漏洞。
CVSS Information
N/A
Vulnerability Type
N/A