Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Attempting QNAME minimization after forwarding can lead to an assertion failure in resolver.c
Vulnerability Description
In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not affected.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
N/A
Vulnerability Title
ISC BIND 输入验证错误漏洞
Vulnerability Description
ISC BIND是美国ISC公司的一套实现了DNS协议的开源软件。 BIND 9.14.0至9.16.5, 9.17.0至9.17.3存在安全漏洞,攻击者可以构造一个特殊请求造成目标服务异常结束。
CVSS Information
N/A
Vulnerability Type
N/A