PT-2015-7052 · Isc+8 · Isc Bind 9.X+8

Hanno Böck

Publicado

2015-09-02

Atualizado

2024-06-15

CVE-2015-5722

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions ISC BIND 9.x versions 9.9.0 through 9.9.7-P2 ISC BIND 9.x version 9.10.0 through 9.10.2-P3

Description The issue allows remote attackers to cause a denial of service by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone. This results in an assertion failure and daemon exit.

Recommendations For ISC BIND 9.x versions 9.9.0 through 9.9.7-P2, update to version 9.9.7-P3 or later. For ISC BIND 9.x versions 9.10.0 through 9.10.2-P3, update to version 9.10.2-P4 or later.

Exploit

Correção

DoS

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

ALT-PU-2017-1055

CESA-2015_1705

CVE-2015-5722

DLA-308-1

DSA-3350-1

HPSBUX03511

MGASA-2015-0341

OPENSUSE-SU-2015_1597-1

OPENSUSE-SU-2024:10467-1

RHSA-2015:1705

RHSA-2015:1706

RHSA-2015:1707

RHSA-2015_1705

RHSA-2015_1706

RHSA-2015_1707

RHSA-2016:0078

RHSA-2016:0079

SUSE-SU-2015:1480-1

SUSE-SU-2015:1481-1

SUSE-SU-2015:1496-1

SUSE-SU-2015_1480-1

SUSE-SU-2015_1481-1

SUSE-SU-2015_1496-1

USN-2728-1

Produtos afetados

Alt Linux

Bind Server

Centos

Hp-Ux

Ibm Aix

Isc Bind 9.X

Red Hat

Suse

Ubuntu

PT-2015-7052 · Isc+8 · Isc Bind 9.X+8

CVE-2015-5722

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 139