Информационная безопасность
[RU] switch to English


Уязвимости в DNS-сервере bind named
Опубликовано:6 декабря 2010 г.
Источник:
SecurityVulns ID:11279
Тип:удаленная
Уровень опасности:
6/10
Описание:DoS, утечка информации.
Затронутые продукты:ISC : bind 9.7
CVE:CVE-2010-3614 (named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service (DNSSEC validation error) by triggering a rollover.)
 CVE-2010-3613 (named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon crash) via a query for cached data.)
Оригинальный текстdocumentUBUNTU, [USN-1025-1] Bind vulnerabilities (06.12.2010)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород