Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
A too-strict assertion check could be triggered when responses in BIND 9.16.19 and 9.17.16 require UDP fragmentation if RRL is in use
Vulnerability Description
In BIND 9.16.19, 9.17.16. Also, version 9.16.19-S1 of BIND Supported Preview Edition When a vulnerable version of named receives a query under the circumstances described above, the named process will terminate due to a failed assertion check. The vulnerability affects only BIND 9 releases 9.16.19, 9.17.16, and release 9.16.19-S1 of the BIND Supported Preview Edition.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
N/A
Vulnerability Title
ISC BIND 处理逻辑错误漏洞
Vulnerability Description
ISC BIND是美国ISC公司的一套实现了DNS协议的开源软件。 ISC BIND 存在处理逻辑错误漏洞,该漏洞源于 named 尝试使用大于当前有效接口最大传输单元 (MTU) 的响应通过 UDP 进行响应,并且如果响应速率限制 (RRL) 处于活动状态,则会触发断言失败(导致 named 服务器进程终止)。
CVSS Information
N/A
Vulnerability Type
N/A