Описание
In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with "--enable-native-pkcs11" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1:9.11.3+dfsg-1ubuntu1.13 |
| devel | released | 1:9.16.6-2ubuntu1 |
| esm-infra-legacy/trusty | not-affected | |
| esm-infra/bionic | released | 1:9.11.3+dfsg-1ubuntu1.13 |
| esm-infra/focal | released | 1:9.16.1-0ubuntu2.3 |
| esm-infra/xenial | released | 1:9.10.3.dfsg.P4-8ubuntu1.17 |
| focal | released | 1:9.16.1-0ubuntu2.3 |
| precise/esm | not-affected | |
| trusty | ignored | end of standard support |
| trusty/esm | not-affected |
Показывать по
4.3 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with "--enable-native-pkcs11" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker
In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with "--enable-native-pkcs11" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker
A flaw in native PKCS#11 code can lead to a remotely triggerable assertion failure in pk11.c
In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also af ...
In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with "--enable-native-pkcs11" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker
4.3 Medium
CVSS2
7.5 High
CVSS3