在2016年12月份至2017年1月份Red hat CVE漏洞库发布了4个“重要”“严重”等级的安全漏洞,针对出现的安全漏洞,发布了对应的Bugzilla。安全公告每月更新一次,旨在查找解决严重的漏洞问题。
2017年1月新的安全漏洞
以下是所有安全漏洞的内容,供您参考。
CVE名称 |
等级 |
影响组件 |
发布时间 |
CVE-2016-9444 |
Important |
bind |
2017/1/11 |
CVE-2016-9778 |
Important |
bind |
2017/1/11 |
CVE-2016-9147 |
Important |
bind |
2017/1/11 |
CVE-2016-9131 |
Important |
bind |
2017/1/11 |
关于这些新发布的所有安全漏洞,可在以下页面中找到详细信息:
https://access.redhat.com/security/cve/
备注:需使用您的Red Hat账号登录,方可查看全部安全漏洞详细信息。
安全漏洞详细信息
公告标识 CVE-2016-9444 |
|
标题 |
CVE-2016-9444 |
描述 |
A denial of service flaw was found in the way BIND handled an unusually-formed DS record response. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. |
Find out more about CVE-2016-9444 from the MITRE CVE dictionary dictionary and NIST NVD. |
|
最高严重等级 |
Important |
漏洞的影响 |
Red Hat Enterprise Linux 6 (bind) |
Red Hat Enterprise Linux 5 (bind97) |
|
Red Hat Enterprise Linux 5 (bind) |
|
Bugzilla |
1411377: CVE-2016-9444 bind: assertion failure while handling an unusually-formed DS record response |
详细信息 |
https://access.redhat.com/security/cve/cve-2016-9444 |
公告标识 CVE-2016-9778 |
|
标题 |
CVE-2016-9778 |
描述 |
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. |
Find out more about CVE-2016-9778 from the MITRE CVE dictionary dictionary and NIST NVD. |
|
最高严重等级 |
Important |
漏洞的影响 |
Red Hat Enterprise Linux 7 (bind) |
Red Hat Enterprise Linux 6 (bind) |
|
Red Hat Enterprise Linux 5 (bind) |
|
Red Hat Enterprise Linux 5 (bind97) |
|
Bugzilla |
1411387: CVE-2016-9778 bind: assertion failure while handling certain queries using the nxdomain-redirect feature |
详细信息 |
https://access.redhat.com/security/cve/cve-2016-9778 |
公告标识 CVE-2016-9147 |
|
标题 |
CVE-2016-9147 |
描述 |
A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. |
Find out more about CVE-2016-9147 from the MITRE CVE dictionary dictionary and NIST NVD. |
|
最高严重等级 |
Important |
漏洞的影响 |
Red Hat Enterprise Linux 7 (bind) |
Red Hat Enterprise Linux 6 (bind) |
|
Red Hat Enterprise Linux 5 (bind) |
|
Red Hat Enterprise Linux 5 (bind97) |
|
Bugzilla |
1411367: CVE-2016-9147 bind: assertion failure while handling a query response containing inconsistent DNSSEC information |
详细信息 |
https://access.redhat.com/security/cve/cve-2016-9147 |
公告标识 CVE-2016-9131 |
|
标题 |
CVE-2016-9131 |
描述 |
A denial of service flaw was found in the way BIND processed a response to an ANY query. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. |
Find out more about CVE-2016-9131 from the MITRE CVE dictionary dictionary and NIST NVD. |
|
最高严重等级 |
Important |
漏洞的影响 |
Red Hat Enterprise Linux 6 (bind) |
Red Hat Enterprise Linux 5 (bind) |
|
Red Hat Enterprise Linux 5 (bind97) |
|
Bugzilla |
1411348: CVE-2016-9131 bind: assertion failure while processing response to an ANY query |
详细信息 |
https://access.redhat.com/security/cve/cve-2016-9131 |
注意和免责声明
关于信息的一致性:
如果Redhat CVE漏洞库网站上的安全公告内容和本文中的内容不一致,请以网站上的安全公告内容为准。