Lucene search
RootSSV:60609HistoryJan 30, 2013 - 12:00 a.m.
ISC BIND 9 DNS64 远程拒绝服务漏洞
2013-01-3000:00:00
Root
www.seebug.org
228
0.012 Low
EPSS
Percentile
83.3%
BUGTRAQ ID: 57556
CVE(CAN) ID: CVE-2012-5689
BIND是一个应用非常广泛的DNS协议的实现。
ISC BIND 9.8.x、9.9.x在某些配置中,DNS64的响应策略区域缺少AAAA重写规则,远程攻击者通过AAAA记录查询,可造成拒绝服务(断言失败并退出指定程序)。
0
ISC BIND 9.9.x
ISC BIND 9.8.x
临时解决方法:
2013年1月24日厂商已经发布beta版本,修复了此漏洞。如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁:
- 确保RPZ包含每个A重写规则的AAAA重写规则。
厂商补丁:
ISC
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Related
openvas
openvas
ISC BIND DoS Vulnerability (CVE-2012-5689) - Windows
2023-01-03 00:00:00
ISC BIND DoS Vulnerability (CVE-2012-5689) - Linux
2023-01-03 00:00:00
RedHat Update for bind RHSA-2013:0550-01
2013-02-22 00:00:00
prion
prion
Design/Logic Flaw
2013-01-25 12:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:58:16
nessus
nessus
ISC BIND 9 DNS64 Handling DoS (CVE-2012-5689)
2018-01-18 00:00:00
Scientific Linux Security Update : bind on SL6.x i386/x86_64 (20130221)
2013-03-01 00:00:00
Amazon Linux AMI : bind (ALAS-2013-158)
2013-09-04 00:00:00
amazon
amazon
Medium: bind
2013-03-02 16:48:00
f5
f5
SOL14601 - BIND vulnerability CVE-2012-5689
2013-08-15 00:00:00
K14601 : BIND vulnerability CVE-2012-5689
2014-07-29 00:00:00
cve
cve
CVE-2012-5689
2013-01-25 12:00:00
debiancve
debiancve
CVE-2012-5689
2013-01-25 12:00:00
ubuntucve
ubuntucve
CVE-2012-5689
2013-01-25 00:00:00
checkpoint_advisories
checkpoint_advisories
ISC BIND DNS64 RPZ Assertion Failure Denial of Service (CVE-2012-5689)
2013-04-30 00:00:00
redhat
redhat
(RHSA-2013:0550) Moderate: bind security and enhancement update
2013-02-21 00:00:00
centos
centos
bind security update
2013-02-27 20:09:16
ubuntu
ubuntu
Bind vulnerabilities
2015-07-28 00:00:00
oraclelinux
oraclelinux
bind security update
2014-01-20 00:00:00
bind security and enhancement update
2013-02-28 00:00:00
gentoo
gentoo
BIND: Denial of service
2014-01-29 00:00:00