作者 主題: bind 如果還是 9.0 以前 的 version 請快升級  (閱讀 4570 次)

0 會員 與 1 訪客 正在閱讀本文。

huckly

  • 酷!學園 學長們
  • 俺是博士!
  • *****
  • 文章數: 3420
    • 檢視個人資料
    • http://blog.huckly.net
一直要 post 結果忘記說
來源一  http://online.securityfocus.com/bid/4936

BIND is a server program that implements the domain name service protocol. It is in extremely wide use on the Internet, in use by most of the DNS servers.

A vulnerability has been reported in some versions of BIND 9. Under some circumstances, the name server named may fail an internal consistancy check. As a result, the server will shut down, and is no longer available to respond to further DNS requests.

It has been reported that some HP products may ship with vulnerable versions of BIND 9, as does Caldera Open UNIX.

來源二  redhat
Version 9 of the bind name prior to version 9.2.1 contain a denial of
service vulnerability.

Description:
BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols.  Versions of BIND 9 prior to 9.2.1 have a bug
that causes certain requests to the BIND name server (named) to fail an
internal consistency check, causing the name server to stop responding to
requests.  This can be used by a remote attacker to cause a denial of
service (DOS) attack against name servers.

Red Hat Linux 7.1, 7.2 and 7.3 shipped with versions of BIND vulnerable to
this issue.  All users of BIND are advised to upgrade to the errata
packages containing BIND 9.2.1 which is not vulnerable to this issue.
IT doesn't matter