Lucene search
RootSSV:20528HistoryMay 10, 2011 - 12:00 a.m.
ISC BIND 9 RRSIG Query类型远程拒绝服务漏洞
2011-05-1000:00:00
Root
www.seebug.org
28
EPSS
0.9
Percentile
98.8%
BUGTRAQ ID: 47734
CVE ID: CVE-2011-1907
BIND是一个应用非常广泛的DNS协议的实现,由ISC负责维护,具体的开发由Nominum公司完成。
ISC BIND在实现上存在远程拒绝服务漏洞,由于未能正确处理某些记录类型,攻击者可利用此漏洞造成应用程序进程崩溃,拒绝服务合法用户。
此问题仅影响将配置的RPZ功能用于RRset替换的BIND用户。BIND 9.8.0引入了RPZ机制,用于修改递归服务器根据一组规则返回的DNS响应。在典型配置中,RPZ用于强制可疑名称的NXDOMAIN响应,也用于RRset替换。在使用RPZ时,配置了RRset替换的名称类型RRSIG查询将触发断言失败,造成退出DNS进程
RedHat Fedora 15
厂商补丁:
RedHat
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Related
checkpoint_advisories
checkpoint_advisories
ISC BIND RRSIG Query Denial of Service (CVE-2011-1907)
2012-09-20 00:00:00
thn
thn
Remote DoS Flaw in BIND Fixed in New Version !
2011-05-09 13:30:00
threatpost
threatpost
Remote DoS Flaw in BIND Fixed in New Version
2011-05-06 14:43:25
securityvulns
securityvulns
prion
prion
Design/Logic Flaw
2011-05-09 22:55:00
nvd
nvd
CVE-2011-1907
2011-05-09 22:55:03
openvas
openvas
ISC BIND DoS Vulnerability (CVE-2011-1907)
2021-11-16 00:00:00
nessus
nessus
ISC BIND Response Policy Zones RRSIG Query Assertion Failure DoS
2011-05-09 00:00:00
NewStart CGSL CORE 5.04 / MAIN 5.04 : bind Multiple Vulnerabilities (NS-SA-2021-0017)
2021-03-10 00:00:00
NewStart CGSL MAIN 6.02 : bind Multiple Vulnerabilities (NS-SA-2024-0060)
2024-09-10 00:00:00
cve
cve
CVE-2011-1907
2011-05-09 22:55:03
ubuntucve
ubuntucve
CVE-2011-1907
2011-05-09 00:00:00
cvelist
cvelist
CVE-2011-1907
2011-05-09 22:00:00
debiancve
debiancve
CVE-2011-1907
2011-05-09 22:55:03
osv
osv
bind-9.10.3P4-21.1 on GA media
2024-06-15 00:00:00