Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired (RD) queries to access the cache, which allows remote attackers to obtain potentially sensitive information via a DNS query.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ISC BIND拒绝服务和绕过安全限制漏洞
Vulnerability Description
BIND是一个应用非常广泛的DNS协议的实现,由ISC负责维护,具体的开发由Nominum公司完成。 ISC BIND没有正确地应用ACL,用户可以通过递归访问ACL所禁止的缓存。成功利用这个漏洞要求BIND同时运行为权威和递归DNS服务器。 此外在DNSSEC查询验证期间BIND没有正确地处理权威服务器所返回的记录,响应中的恶意签名可导致服务器崩溃。成功利用这个漏洞要求将BIND配置为DNSSEC验证服务器且对同一区配置了多个信任锚。
CVSS Information
N/A
Vulnerability Type
N/A