
CVE-2014-0591

Published: 13 Jan 2014
Source: redhat
CVSS2: 2.6
EPSS: Medium

Description

The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature.

A denial of service flaw was found in the way BIND handled queries for NSEC3-signed zones. A remote attacker could use this flaw against an authoritative name server that served NSEC3-signed zones by sending a specially crafted query, which, when processed, would cause named to crash.

Report

This issue does not affect the version of bind and bind97 as shipped with Red Hat Enterprise Linux 5. For a technical explanation please see https://bugzilla.redhat.com/show_bug.cgi?id=1051717#c25

Affected packages

| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | bind | Not affected | | |
| Red Hat Enterprise Linux 7 | bind | Not affected | | |
| Red Hat Enterprise Linux 5 | bind97 | Fixed | RHSA-2014:1244 | 16.09.2014 |
| Red Hat Enterprise Linux 6 | bind | Fixed | RHSA-2014:0043 | 20.01.2014 |


Additional information

Status: Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=1051717 bind: named crash when handling malformed NSEC3-signed zones

EPSS

Percentile: 97%
0.43549
Medium

2.6 Low

CVSS2

Related vulnerabilities

ubuntu
more than 11 years ago

The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature.

nvd
more than 11 years ago

The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature.

debian
more than 11 years ago

The query_findclosestnsec3 function in query.c in named in ISC BIND 9. ...

github
more than 3 years ago

The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a crafted DNS query to an authoritative nameserver that uses the NSEC3 signing feature.

oracle-oval
almost 11 years ago

ELSA-2014-1244: bind97 security and bug fix update (MODERATE)
