Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cache poisoning due to weak PRNG
Vulnerability Description
In specific circumstances, due to a weakness in the Pseudo Random Number Generator (PRNG) that is used, it is possible for an attacker to predict the source port and query ID that BIND will use. This issue affects BIND 9 versions 9.16.0 through 9.16.50, 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.16.8-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Vulnerability Type
从可观察状态的可预测
Vulnerability Title
ISC BIND 9 安全漏洞
Vulnerability Description
ISC BIND 9是ISC组织的一个域名系统软件。 ISC BIND 9 9.16.0版本至9.16.50版本、9.18.0版本至9.18.39版本、9.20.0版本至9.20.13版本、9.21.0版本至9.21.12版本、9.16.8-S1版本至9.16.50-S1版本、9.18.11-S1版本至9.18.39-S1版本和9.20.9-S1版本至9.20.13-S1版本存在安全漏洞,该漏洞源于伪随机数生成器存在弱点,可能导致攻击者预测源端口和查询ID。
CVSS Information
N/A
Vulnerability Type
N/A