Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue has been found in dnsdist before 1.2.0 in the way EDNS0 OPT records are handled when parsing responses from a backend. When dnsdist is configured to add EDNS Client Subnet to a query, the response may contain an EDNS0 OPT record that has to be removed before forwarding the response to the initial client. On a 32-bit system, the pointer arithmetic used when parsing the received response to remove that record might trigger an undefined behavior leading to a crash.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
dnsdist 安全漏洞
Vulnerability Description
dnsdist是一款负载均衡器,它能够将流量分流到不同服务器,为用户提供最佳性能。 dnsdist 1.2.0之前版本中EDNS0 OPT记录被处理的方式存在拒绝服务漏洞。远程攻击者可借助特制的后端响应利用该漏洞造成拒绝服务(应用程序崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A