Source: http://www.isc.org/index.pl?/sw/bind/index.php
The versions that are secure as of now are as follows:
| ver/CVE | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 9.5.1b1 | ||||||||||||||||||||||||||||||
| 9.5.0-P1 | ||||||||||||||||||||||||||||||
| 9.4.3b2 | ||||||||||||||||||||||||||||||
| 9.3.5-P1 |
BIND 8.x.x was last maintained in August 2007.
The column numbers in the table above refer to the 30 most recent vulnerability numbers, listed below:
| # | CVE number | short description |
|---|---|---|
| 0 | 1999-0833 | Buffer overflow via NXT records. |
| 1 | 1999-0835 | Denial of service via malformed SIG records. |
| 2 | 1999-0837 | Denial of service by improperly closing TCP sessions via so_linger. |
| 3 | 1999-0848 | Denial of service of named by consuming more than "fdmax" file descriptors. |
| 4 | 1999-0849 | Denial of service via maxdname. |
| 5 | 1999-0851 | Denial of service via naptr. |
| 6 | 2000-0887 | Denial of service by compressed zone transfer (ZXFR) request. |
| 7 | 2000-0888 | Denial of service via SRV record. |
| 8 | 2001-0010 | Buffer overflow in TSIG code allows root privileges. |
| 9 | 2001-0011 | Buffer overflow in nslookupComplain allows root privileges. |
| 10 | 2001-0012 | Ability to access sensitive information such as environment variables. |
| 11 | 2001-0013 | Format string vulnerability in nslookupComplain allows root privileges. |
| 12 | 2002-0029 | Buffer overflows in resolver library allow execution of arbitrary code. |
| 13 | 2002-0400 | Denial of service via malformed DNS packet. |
| 14 | 2002-0651 | Buffer overflow in resolver code may cause a DoS and arbitrary code execution. |
| 15 | 2002-1220 | Denial of service via request for nonexistent subdomain using large OPT RR. |
| 16 | 2002-1221 | Denial of service via SIG RR elements with invalid expiry times. |
| 17 | 2003-0914 | Cache poisoning via negative responses with a large TTL value. |
| 18 | 2005-0033 | Buffer overflow in recursion and glue code allows denial of service. |
| 19 | 2005-0034 | Denial of service via crafted DNS packets causing internal self-check to fail. |
| 20 | 2006-4095 | Denial of service via certain SIG queries that return multiple RRsets. |
| 21 | 2006-4096 | Denial of service via a flood of recursive queries causing INSIST failure. |
| 22 | 2007-0493 | Denial of service via unspecified vectors that cause named to "dereference a freed fetch context." |
| 23 | 2007-0494 | Denial of service via ANY query response containing multiple RRsets. |
| 24 | 2007-2241 | Sequence of queries can cause a recursive nameserver to exit. |
| 25 | 2007-2925 | allow-query-cache/allow-recursion default ACLs not set. |
| 26 | 2007-2926 | Cryptographically weak query IDs. |
| 27 | 2007-2930 | Cryptographically weak query IDs (BIND 8). |
| 28 | 2008-0122 | inet_network() off-by-one buffer overflow. |
| 29 | 2008-1447 | DNS cache poisoning issue. |