 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.117759 |
| Categoría: | Denial of Service |
| Título: | ISC BIND DoS Vulnerability (CVE-2021-25219) |
| Resumen: | ISC BIND is prone to a denial of service (DoS) vulnerability. |
| Descripción: | Summary: ISC BIND is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: Exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. The way the lame cache is currently designed makes it possible for its internal data structures to grow almost infinitely, which may cause significant delays in client query processing. Vulnerability Impact: A successful attack exploiting this flaw causes a named resolver to spend most of its CPU time on managing and checking the lame cache. This results in client queries being responded to with large delays, and increased likelihood of DNS timeouts on client hosts. Affected Software/OS: BIND 9.3.0 through 9.11.35, 9.12.0 through 9.16.21, 9.9.3-S1 through 9.11.35-S1, 9.16.8-S1 through 9.16.21-S1 and 9.17.0 through 9.17.18. Authoritative-only BIND 9 servers are not vulnerable to this flaw. Solution: Update to version 9.11.36, 9.16.22, 9.17.19, 9.11.36-S1, 9.16.22-S1 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2021-25219 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://kb.isc.org/v1/docs/cve-2021-25219 https://security.netapp.com/advisory/ntap-20211118-0002/ Debian Security Information: DSA-4994 (Google Search) https://www.debian.org/security/2021/dsa-4994 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YGV7SA27CTYLGFJSPUM3V36ZWK7WWDI4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTKC4E3HUOLYN5IA4EBL4VAQSWG2ZVTX/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EF4NAVRV4H3W4GA3LGGZYUKD3HSJBAVW/ https://security.gentoo.org/glsa/202210-25 https://www.oracle.com/security-alerts/cpuapr2022.html https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html |
| Copyright | Copyright (C) 2021 Greenbone Networks GmbH |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |