MyDNS DNS 拒绝服务漏洞
| CNNVD-ID编号 | CNNVD-200601-249 | CVE编号 | CVE-2006-0351 |
| 发布时间 | 2006-01-20 | 更新时间 | 2006-01-30 |
| 漏洞类型 | 设计错误 | 漏洞来源 | This issue was discovered by the PROTOS DNS Test Suite, which was developed by the Oulu University Secure Programming Group (OUSPG). |
| 危险等级 | 中危 | 威胁类型 | 远程 |
| 厂商 | don_moore | ||
漏洞介绍
MyDNS 1.1.0之前版本存在未明重要拒绝服务漏洞,具有未知的影响和攻击矢量。
漏洞补丁
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
MyDNS MyDNS 1.0
Debian mydns-mysql_1.0.0-4sarge1_hppa.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mydns/mydns-mysql_1.0.0 -4sarge1_hppa.deb
Debian mydns-mysql_1.0.0-4sarge1_ia64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mydns/mydns-mysql_1.0.0 -4sarge1_ia64.deb
Debian mydns-mysql_1.0.0-4sarge1_m68k.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mydns/mydns-mysql_1.0.0 -4sarge1_m68k.deb
Debian mydns-mysql_1.0.0-4sarge1_mips.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mydns/mydns-mysql_1.0.0 -4sarge1_mips.deb
Debian mydns-mysql_1.0.0-4sarge1_mipsel.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mydns/mydns-mysql_1.0.0 -4sarge1_mipsel.deb
Debian mydns-mysql_1.0.0-4sarge1_powerpc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mydns/mydns-mysql_1.0.0 -4sarge1_powerpc.deb
Debian mydns-mysql_1.0.0-4sarge1_s390.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mydns/mydns-mysql_1.0.0 -4sarge1_s390.deb
Debian mydns-mysql_1.0.0-4sarge1_sparc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mydns/mydns-mysql_1.0.0 -4sarge1_sparc.deb
Debian mydns-pgsql_1.0.0-4sarge1_hppa.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mydns/mydns-pgsql_1.0.0 -4sarge1_hppa.deb
Debian mydns-pgsql_1.0.0-4sarge1_ia64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mydns/mydns-pgsql_1.0.0 -4sarge1_ia64.deb
Debian mydns-pgsql_1.0.0-4sarge1_m68k.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mydns/mydns-pgsql_1.0.0 -4sarge1_m68k.deb
Debian mydns-pgsql_1.0.0-4sarge1_mips.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mydns/mydns-pgsql_1.0.0 -4sarge1_mips.deb
Debian mydns-pgsql_1.0.0-4sarge1_mipsel.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mydns/mydns-pgsql_1.0.0 -4sarge1_mipsel.deb
Debian mydns-pgsql_1.0.0-4sarge1_powerpc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mydns/mydns-pgsql_1.0.0 -4sarge1_powerpc.deb
Debian mydns-pgsql_1.0.0-4sarge1_s390.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mydns/mydns-pgsql_1.0.0 -4sarge1_s390.deb
Debian mydns-pgsql_1.0.0-4sarge1_sparc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/mydns/mydns-pgsql_1.0.0 -4sarge1_sparc.deb
MyDNS mydns-1.1.0.tar.bz2
http://mydns.bboy.net/download/mydns-1.1.0.tar.bz2
参考网址
来源: OSVDB
名称: 22636
来源: VUPEN
名称: ADV-2006-0256
链接:http://www.frsirt.com/english/advisories/2006/0256
来源: SECUNIA
名称: 18532
链接:http://secunia.com/advisories/18532
来源: mydns.bboy.net
链接:http://mydns.bboy.net/download/changelog.html
来源: XF
名称: mydns-query-dos(24228)
链接:http://xforce.iss.net/xforce/xfdb/24228
来源: BID
名称: 16431
链接:http://www.securityfocus.com/bid/16431
来源: GENTOO
名称: GLSA-200601-16
链接:http://www.gentoo.org/security/en/glsa/glsa-200601-16.xml
来源: DEBIAN
名称: DSA-963
链接:http://www.debian.org/security/2006/dsa-963
来源: SECTRACK
名称: 1015521
链接:http://securitytracker.com/id?1015521
来源: SECUNIA
名称: 18653
链接:http://secunia.com/advisories/18653
受影响实体
Don_moore Mydns:0.9.3 Don_moore Mydns:0.9.9 Don_moore Mydns:0.6 Don_moore Mydns:0.8.1 Don_moore Mydns:0.8.3信息来源
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200601-249
评论