你在这里

Infoblox 发布DNS 服务器弱点 CVE-2012-1667 补丁

2012年6月4日,ISC 发布其 DNS 服务器的一个弱点 CVE-2012-1667.此弱点在于添加了一个长度为0的资源记录到DNS服务器上会导致DNS服务中断。所有 NIOS 系统均受此弱点的影响,但目前没有针对此弱点的攻击工具。

同时由于 NIOS 的监控进程监控到DNS服务终止后会自动将其重新启动,所以此弱点并不能造成 NIOS 系统的DNS服务终止。但是 Infobox还是建议客户将 NIOS 系统升级到包含补丁的的版本。

关于更多此弱点(CVE-2012-1667)的更多信息,请查看 http://www.isc.org/advisories

Infoblox 技术支持网站已经提供解决此问题的补丁下载,如有需要请到Infoblox技术支持网站下载。

 


以下是英文原文:

On June 4, 2012, the Internet Systems Consortium (ISC) announced vulnerabilities in their DNS server, CVE-2012-1667, where adding records to BIND with null (zero length) rdata fields can cause named to terminate unexpectedly. All supported NIOS releases are impacted by this issue. No known exploits exist for this vulnerability, and there are no workarounds identified at this time.

However, the NIOS monitoring process automatically restarts the DNS service after it detects the failure. NIOS monitoring helps to recover services automatically, but Infoblox recommends customers to upgrade to one of the available patches. More information regarding CVE-2012-1667 can be found at http://www.isc.org/advisories.

Please note that patches are now available for download that address CVE-2012-1667. For the latest information and download access to the available patches including detailed release notes, please login to the Infoblox Support site.