Описание
named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.
A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named (functioning as an authoritative DNS server or a DNS resolver) exit unexpectedly with an assertion failure via a specially crafted DNS request packet.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 4 | bind | Will not fix | ||
| Red Hat Enterprise Linux 5 | bind | Fixed | RHSA-2015:1514 | 28.07.2015 |
| Red Hat Enterprise Linux 5 | bind97 | Fixed | RHSA-2015:1515 | 28.07.2015 |
| Red Hat Enterprise Linux 6 | bind | Fixed | RHSA-2015:1513 | 29.07.2015 |
| Red Hat Enterprise Linux 6.4 Advanced Update Support | bind | Fixed | RHSA-2016:0078 | 28.01.2016 |
| Red Hat Enterprise Linux 6.5 Advanced Update Support | bind | Fixed | RHSA-2016:0078 | 28.01.2016 |
| Red Hat Enterprise Linux 6.6 Extended Update Support | bind | Fixed | RHSA-2016:0079 | 28.01.2016 |
| Red Hat Enterprise Linux 7 | bind | Fixed | RHSA-2015:1513 | 29.07.2015 |
Показывать по
Дополнительная информация
Статус:
EPSS
5 Medium
CVSS2
Связанные уязвимости
named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.
named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.
named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allo ...
EPSS
5 Medium
CVSS2