CVE-2014-3859: BIND named can crash due to a defect in EDNS printing processing
A specially crafted query sent to a BIND nameserver can cause it to crash with a REQUIRE assertion error. CVE: CVE-2014-3859 Document version: 2.0 Posting date: 11 June 2014 Program impacted: BIND 9 Versions affected: 9.10.0, 9.10.0-P1 Severity: Critical Exploitable: Remotely Description: A query specially crafted to exploit a defect in EDNS option processing can cause named to terminate with an a
CVE-2012-1033: Ghost Domain Names: Revoked Yet Still Resolvable
After completing our analysis of the DNS exploit reported by Professor Haixin Duan of Tsinghua University, ISC has determined that the behavior he describes, while verifiable, is due to design issues in the DNS protocol. No immediate steps are planned to address the issue. Further information concerning the implications of the reported vulnerability can be found in the complete problem description
1
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
処理を実行中です
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
BIND 9.10.0 Release Notes | Internet Systems Consortium Knowledge Base
