漏洞类别:DNS and BIND
漏洞等级: 
漏洞信息
ISC BIND is open source software that implements the Domain Name System (DNS) protocols for the Internet.
Parsing a malformed DNSSEC key can cause a validating resolver to exit due to a failed assertion in buffer.c. It is possible for a remote attacker to deliberately trigger this condition, for example by using a query which requires a response from a zone containing a deliberately malformed key.
Affected Versions:
BIND 9.0.0 -> 9.8.8, BIND 9.9.0 -> 9.9.7-P2, BIND 9.10.0 -> 9.10.2-P3
漏洞危害
If this vulnerability is successfully exploited, attackers can crash the affected application, denying service to legitimate users.
解决方案
Customers are advised to installBIND Download or later versions to remediate this vulnerability.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论