Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
A buffer boundary check assertion in rdataset.c can fail incorrectly during zone transfer
Vulnerability Description
In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk ("*") character, this defect cannot be encountered. A would-be attacker who is allowed to change zone content could theoretically introduce such a record in order to exploit this condition to cause denial of service, though we consider the use of this vector unlikely because any such attack would require a significant privilege level and be easily traceable.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
N/A
Vulnerability Title
ISC BIND 安全漏洞
Vulnerability Description
ISC BIND是美国ISC公司的一套实现了DNS协议的开源软件。 ISC BIND中存在安全漏洞。攻击者可利用该漏洞造成拒绝服务。以下产品及版本受到影响:BIND 9.11.14版本至9.11.19版本,9.14.9版本至9.14.12版本,9.16.0版本至9.16.3版本;BIND Supported Preview Edition 9.11.14-S1版本至9.11.19-S1版本。
CVSS Information
N/A
Vulnerability Type
N/A