Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ISC BIND 9 Negative Caching RRSIG RRsets off-by-one错误漏洞
Vulnerability Description
ISC BIND是美国Internet Systems Consortium(ISC)公司所维护的一套实现了DNS协议的开源软件。 ISC BIND 9.7.3-P1之前的9.x版本,9.8.0-P2之前的9.8.x版本,9.4-ESV-R4-P1之前的9.4-ESV版本,以及9.6-ESV-R4-P1之前的9.6-ESV版本的named中存在off-by-one错误漏洞。该漏洞是由于否定响应处理中的断言错误导致的,攻击者可利用超大的RRSIG RRsets设置DNSSEC签署的授权DNS服务器作为触发器
CVSS Information
N/A
Vulnerability Type
N/A