ISC BIND 繞過限制漏洞
說明
“update-policy local;”, which is a permission cluster provided
as a shortcut for operators who use Dynamic DNS (DDNS), was
misleadingly named in that its original implementation did not
actually enforce a requirement that the updates it allows originate
locally.
影響內容
版本 9.0.x – 9.8.x, 9.9.0 – 9.9.11-P1, 9.10.0 – 9.10.6-P1, 9.11.0 – 9.11.2-P1, 9.12.0 – 9.12.0-P1
處理方式
供應商已推出修補程式 (9.9.12, 9.10.7, 9.11.3, 9.12.1):
Download free open source software from ISC – BIND, Kea, ISC DHCP
相關連結
https://www.auscert.org.au/bulletins/59670
