Описание
named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. A regression introduced in a recent feature change has created a situation under which some versions of named can be caused to exit with a REQUIRE assertion failure if they are sent a null command string. Affects BIND 9.9.9->9.9.9-P7, 9.9.10b1->9.9.10rc2, 9.10.4->9.10.4-P7, 9.10.5b1->9.10.5rc2, 9.11.0->9.11.0-P4, 9.11.1b1->9.11.1rc2, 9.9.9-S1->9.9.9-S9.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1:9.10.3.dfsg.P4-10.1ubuntu5 |
| esm-infra-legacy/trusty | released | 1:9.9.5.dfsg-3ubuntu0.14 |
| esm-infra/xenial | released | 1:9.10.3.dfsg.P4-8ubuntu1.6 |
| precise | released | 1:9.8.1.dfsg.P1-4ubuntu0.22 |
| precise/esm | not-affected | 1:9.8.1.dfsg.P1-4ubuntu0.22 |
| trusty | released | 1:9.9.5.dfsg-3ubuntu0.14 |
| trusty/esm | released | 1:9.9.5.dfsg-3ubuntu0.14 |
| upstream | needs-triage | |
| vivid/stable-phone-overlay | ignored | end of life |
| vivid/ubuntu-core | ignored | end of life |
Показывать по
3.5 Low
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. A regression introduced in a recent feature change has created a situation under which some versions of named can be caused to exit with a REQUIRE assertion failure if they are sent a null command string. Affects BIND 9.9.9->9.9.9-P7, 9.9.10b1->9.9.10rc2, 9.10.4->9.10.4-P7, 9.10.5b1->9.10.5rc2, 9.11.0->9.11.0-P4, 9.11.1b1->9.11.1rc2, 9.9.9-S1->9.9.9-S9.
named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. A regression introduced in a recent feature change has created a situation under which some versions of named can be caused to exit with a REQUIRE assertion failure if they are sent a null command string. Affects BIND 9.9.9->9.9.9-P7, 9.9.10b1->9.9.10rc2, 9.10.4->9.10.4-P7, 9.10.5b1->9.10.5rc2, 9.11.0->9.11.0-P4, 9.11.1b1->9.11.1rc2, 9.9.9-S1->9.9.9-S9.
named contains a feature which allows operators to issue commands to a ...
named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. A regression introduced in a recent feature change has created a situation under which some versions of named can be caused to exit with a REQUIRE assertion failure if they are sent a null command string. Affects BIND 9.9.9->9.9.9-P7, 9.9.10b1->9.9.10rc2, 9.10.4->9.10.4-P7, 9.10.5b1->9.10.5rc2, 9.11.0->9.11.0-P4, 9.11.1b1->9.11.1rc2, 9.9.9-S1->9.9.9-S9.
3.5 Low
CVSS2
6.5 Medium
CVSS3