Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
named configured to answer from stale cache may terminate unexpectedly while processing RRSIG queries
Vulnerability Description
BIND 9 resolver can crash when stale cache and stale answers are enabled, option `stale-answer-client-timeout` is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10, 9.19.0 through 9.19.8, and 9.16.12-S1 through 9.16.36-S1.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
N/A
Vulnerability Title
ISC BIND 安全漏洞
Vulnerability Description
ISC BIND是美国ISC公司的一套实现了DNS协议的开源软件。 BIND 9.16.0版本至9.16.36版本、9.18.0版本至9.18.10版本、9.19.0版本至9.19.8版本存在安全漏洞,该漏洞源于当启用陈旧缓存和陈旧答案时,stale-answer-client-timeout被设置为正整数,并且解析器收到RRSIG查询时BIND解析器会崩溃。
CVSS Information
N/A
Vulnerability Type
N/A