ISC BIND 繞過限制漏洞

說明

"update-policy local;", which is a permission cluster provided
as a shortcut for operators who use Dynamic DNS (DDNS), was
misleadingly named in that its original implementation did not
actually enforce a requirement that the updates it allows originate
locally.


影響內容

版本 9.0.x - 9.8.x, 9.9.0 - 9.9.11-P1, 9.10.0 - 9.10.6-P1, 9.11.0 - 9.11.2-P1, 9.12.0 - 9.12.0-P1


處理方式

供應商已推出修補程式 (9.9.12, 9.10.7, 9.11.3, 9.12.1):


相關連結

https://www.auscert.org.au/bulletins/59670

發表迴響

你的電子郵件位址並不會被公開。 必要欄位標記為 *

釘選至 Pinterest