Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
named may terminate unexpectedly when processing ECS options in repeated responses to iterative queries
Vulnerability Description
Processing of repeated responses to the same query, where both responses contain ECS pseudo-options, but where the first is broken in some way, can cause BIND to exit with an assertion failure. 'Broken' in this context is anything that would cause the resolver to reject the query response, such as a mismatch between query and answer name. This issue affects BIND 9 versions 9.11.4-S1 through 9.11.37-S1 and 9.16.8-S1 through 9.16.36-S1.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
N/A
Vulnerability Title
ISC BIND 安全漏洞
Vulnerability Description
ISC BIND是美国ISC公司的一套实现了DNS协议的开源软件。 BIND 9.11.4-S1版本至9.11.37-S1版本、9.16.8-S1版本至9.16.36-S1版本存在安全漏洞,该漏洞源于处理对同一查询的重复响应,其中两个响应都包含ECS伪选项,但第一个响应以某种方式被破坏,可能导致BIND以断言失败退出。
CVSS Information
N/A
Vulnerability Type
N/A