PT-2011-3470 · Isc+3 · Isc Bind+3
Publicado
2011-05-31
·
Atualizado
2024-06-15
·
CVE-2011-1910
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
ISC BIND versions prior to 9.7.3-P1
ISC BIND 9.8.x versions prior to 9.8.0-P2
ISC BIND 9.4-ESV versions prior to 9.4-ESV-R4-P1
ISC BIND 9.6-ESV versions prior to 9.6-ESV-R4-P1
Description
The issue is caused by an off-by-one error in named, allowing remote DNS servers to cause a denial of service through a negative response containing large RRSIG RRsets, resulting in an assertion failure and daemon exit.
Recommendations
For ISC BIND versions prior to 9.7.3-P1, update to version 9.7.3-P1 or later.
For ISC BIND 9.8.x versions prior to 9.8.0-P2, update to version 9.8.0-P2 or later.
For ISC BIND 9.4-ESV versions prior to 9.4-ESV-R4-P1, update to version 9.4-ESV-R4-P1 or later.
For ISC BIND 9.6-ESV versions prior to 9.6-ESV-R4-P1, update to version 9.6-ESV-R4-P1 or later.
Correção
DoS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Bind Server
Hp-Ux
Isc Bind
Red Hat