Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Birthday Attack against Resolvers supporting ECS
Vulnerability Description
A `named` caching resolver that is configured to send ECS (EDNS Client Subnet) options may be vulnerable to a cache-poisoning attack. This issue affects BIND 9 versions 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.37-S1, and 9.20.9-S1 through 9.20.10-S1.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Vulnerability Type
在可信数据中接受外来的不可信数据
Vulnerability Title
ISC BIND 9 安全漏洞
Vulnerability Description
ISC BIND 9是ISC组织的一个域名系统软件。 ISC BIND 9存在安全漏洞,该漏洞源于容易受到缓存投毒攻击。以下版本受到影响:9.11.3-S1至9.16.50-S1版本、9.18.11-S1至9.18.37-S1版本和9.20.9-S1至9.20.10-S1版本。
CVSS Information
N/A
Vulnerability Type
N/A