Test Kennung:	1.3.6.1.4.1.25623.1.0.810547
Kategorie:	Denial of Service
Titel:	ISC BIND DNS64 and RPZ Denial of Service Vulnerability
Zusammenfassung:	ISC BIND is prone to a denial of service vulnerability.
Beschreibung:	Summary: ISC BIND is prone to a denial of service vulnerability. Vulnerability Insight: The flaw exists due to using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state. Vulnerability Impact: Successful exploitation will allow remote attackers to cause an INSIST assertion failure (and subsequent abort) or an attempt to read through a NULL pointer. On most platforms a NULL pointer read leads to a segmentation fault (SEGFAULT), which causes the process to be terminated. Affected Software/OS: ISC BIND versions 9.8.8, 9.9.3-S1 through 9.9.9-S7, 9.9.3 through 9.9.9-P5, 9.9.10b1, 9.10.0 through 9.10.4-P5, 9.10.5b1, 9.11.0 through 9.11.0-P2 and 9.11.1b1. Solution: Update to ISC BIND version 9.9.9-P6 or 9.10.4-P6 or 9.11.0-P3 or 9.9.9-S8 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-3135 BugTraq ID: 96150 http://www.securityfocus.com/bid/96150 Debian Security Information: DSA-3795 (Google Search) https://www.debian.org/security/2017/dsa-3795 https://security.gentoo.org/glsa/201708-01 RedHat Security Advisories: RHSA-2017:0276 http://rhn.redhat.com/errata/RHSA-2017-0276.html http://www.securitytracker.com/id/1037801
Copyright	Copyright (C) 2017 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.