CVE-2015-4620

描述

name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) by constructing crafted zone data and then making a query for a name in that zone.

受影響套件(3)

• Debian/bind9from 0, < 1:9.9.5.dfsg-10
• Debian/bind9from 0, < 9.7.3.dfsg-1~squeeze15
• Debian/bind9from 0, < 1:9.8.4.dfsg.P1-6+nmu2+deb7u5

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-4620