PT-2014-8563 · Isc+9 · Isc Bind+9

Publicado

2014-12-09

Atualizado

2024-06-15

CVE-2014-8500

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions ISC BIND versions 9.0.x through 9.8.x ISC BIND versions 9.9.0 through 9.9.6 ISC BIND versions 9.10.0 through 9.10.1

Description The issue allows remote attackers to cause a denial of service, resulting in memory consumption and named crash, via a large or infinite number of referrals due to the lack of limits on delegation chaining.

Recommendations For versions 9.0.x through 9.8.x, update to a version that limits delegation chaining to prevent denial of service attacks. For versions 9.9.0 through 9.9.6, update to a version that limits delegation chaining to prevent denial of service attacks. For versions 9.10.0 through 9.10.1, update to a version that limits delegation chaining to prevent denial of service attacks.

Exploit

Correção

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399

Identificadores relacionados

ALT-PU-2015-1641

CESA-2014_1984

CVE-2014-8500

DLA-112-1

DSA-3094-1

HPSBUX03235

HPSBUX03400

MGASA-2014-0524

OPENSUSE-SU-2024:10467-1

RHSA-2014:1984

RHSA-2014:1985

RHSA-2014_1984

RHSA-2014_1985

RHSA-2016:0078

SUSE-SU-2015:0011-2

SUSE-SU-2015:0480-1

SUSE-SU-2015:1205-1

SUSE-SU-2015_0011-1

SUSE-SU-2015_0011-2

SUSE-SU-2015_0096-1

SUSE-SU-2015_0488-1

USN-2437-1

Produtos afetados

Alt Linux

Bind Server

Centos

Hp-Ux

Ibm Aix

Isc Bind

Junos

Red Hat

Suse

Ubuntu

PT-2014-8563 · Isc+9 · Isc Bind+9

CVE-2014-8500

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 127