漏洞类别:AIX
漏洞等级: 
漏洞信息
There are two vulnerabilities in BIND that impact AIX.
1. SC BIND is vulnerable to a denial of service, caused by the improper handling of responses containing a DNAME answer in db.c or resolver.c. By sending a recursive response, a remote attacker could exploit this vulnerability to trigger an assertion failure. (CVE-2016-8864)
2. ISC BIND is vulnerable to a denial of service. By sending a specially crafted DNS packet with malformed options, a remote attacker could exploit this vulnerability to trigger an assertion failure. (CVE-2016-2848)
Affected Versions: -
AIX 6.1, 7.1
漏洞危害
Successful exploitation allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c.
解决方案
The vendor has released fixes to resolve this vulnerability. Refer to AIX bind_advisory14 to obtain more information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论