Lucene search

2963 matches found

NVD
added 2024/02/13 2:15 p.m. · 25 views

CVE-2023-5517

A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versio...

CVSS 7.5 · AI score 7.4 · EPSS 0.01231
Exploits 0 · References 7

NVD
added 2024/02/13 2:15 p.m. · 13 views

CVE-2023-5680

If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and...

CVSS 5.3 · AI score 5.2 · EPSS 0.00624
Exploits 0 · References 2

OSV
added 2024/02/13 2:15 p.m. · 1 view

ALPINE-CVE-2023-5680

If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and...

CVSS 5.3 · AI score 6.8 · EPSS 0.00624
Exploits 0 · References 1

Prion
added 2024/02/13 2:15 p.m. · 16 views

Design/Logic Flaw

If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and...

CVSS 5 · AI score 6.9 · EPSS 0.00624
Exploits 0 · References 1

Vulnrichment
added 2024/02/13 2:5 p.m. · 26 views

CVE-2023-6516 Specific recursive query patterns may lead to an out-of-memory condition

To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queue...

CVSS 7.5 · AI score 6.7 · EPSS 0.01097
Exploits 0 · References 5

CVE
added 2024/02/13 2:5 p.m. · 534 views

CVE-2023-6516

CVE-2023-6516 affects ISC BIND (named) as a denial-of-service vector via an out-of-memory condition in the cache-cleanup path when recursive queries trigger maintenance. The issue can allow memory usage to exceed max-cache-size, potentially causing DoS on vulnerable BIND 9 installations. Affected...

CVSS 7.5 · AI score 7.4 · EPSS 0.01097
Exploits 0 · References 5 · Affected Software 1

AlpineLinux
added 2024/02/13 2:5 p.m. · 30 views

CVE-2023-6516

To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queue...

CVSS 7.5 · AI score 7.2 · EPSS 0.01097
Exploits 0

Cvelist
added 2024/02/13 2:5 p.m. · 36 views

CVE-2023-5680 Cleaning an ECS-enabled cache may cause excessive CPU load

If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and...

CVSS 5.3 · AI score 5.4 · EPSS 0.00624
Exploits 0 · References 2

Debian CVE
added 2024/02/13 2:5 p.m. · 17 views

CVE-2023-5680

If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and...

CVSS 5.3 · AI score 5.6 · EPSS 0.00624
Exploits 0

Tenable Nessus
added 2024/02/13 12:0 a.m. · 138 views

ISC BIND 9.16.0 < 9.16.48 / 9.16.8-S1 < 9.16.48-S1 Vulnerability (cve-2023-6516)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2023-6516 advisory. - To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database...

CVSS 7.5 · AI score 7.4 · EPSS 0.01097
Exploits 0 · References 2

CNNVD
added 2024/02/13 12:0 a.m. · 2 views

ISC BIND Security Vulnerability

ISC BIND is a suite of open source software from ISC that implements the DNS protocol. A security vulnerability exists in ISC BIND versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1, which stems from the fact that clearing a cached database node...

CVSS 5.3 · AI score 8.3 · EPSS 0.00624
Exploits 0 · References 3

UbuntuCve
added 2024/02/13 12:0 a.m. · 39 views

CVE-2023-6516

To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queue...

CVSS 7.5 · AI score 7 · EPSS 0.01097
Exploits 0 · References 3

Tenable Nessus
added 2024/02/13 12:0 a.m. · 26 views

ISC BIND 9.11.3-S1 < 9.16.48-S1 / 9.16.8-S1 < 9.16.48-S1 / 9.18.11-S1 < 9.18.24-S1 Vulnerability (cve-2023-5680)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2023-5680 advisory. - If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache...

CVSS 5.3 · AI score 6.3 · EPSS 0.00624
Exploits 0 · References 2

Positive Technologies
added 2024/02/13 12:0 a.m. · 3 views

PT-2024-1751

Vulnerability Report Name of the Vulnerable Software and Affected Versions BIND versions 9.16.48-1 through 9.18.24-1 Unbound versions 1.19.1-alt1 PDNS Recursor versions 4.8.6-1 Knot Resolver versions 5.6.0-1+deb12u1 systemd affected versions not specified dnsmasq affected versions not specified...

CVSS 8 · AI score 8 · EPSS 0.99995
Exploits 1 · References 387

CNNVD
added 2024/02/13 12:0 a.m. · 1 view

Knot Resolver Security Vulnerability

Knot Resolver is a caching DNS resolver implementation that includes a resolver library and daemon. A security vulnerability exists in Knot Resolver versions prior to 5.7.1 that originates from allowing remote attackers to cause a denial of service via a random subdomain attack...

CVSS 7.5 · AI score 8.3 · EPSS 0.82829
Exploits 1 · References 20

Positive Technologies
added 2024/02/13 12:0 a.m. · 3 views

PT-2024-14985 · Isc +9 · Bind 9 +9

Name of the Vulnerable Software and Affected Versions: BIND 9 versions 9.16.0 through 9.16.45 BIND 9 versions 9.16.8-S1 through 9.16.45-S1 Description: The issue affects the named process running as a recursive resolver, which attempts to clean up its cache database using several methods, includi...

CVSS 7.5 · AI score 6.2 · EPSS 0.99995
Exploits 1 · References 128

RedHat Linux
added 2024/02/08 6:9 p.m. · 53 views

Moderate: Red Hat Security Advisory: unbound security update

An update for unbound is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVSS 9.8 · AI score 7.4 · EPSS 0.01783
Exploits 0 · References 2

Tenable Nessus
added 2024/02/08 12:0 a.m. · 30 views

CentOS 8 : c-ares (CESA-2023:3584)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:3584 advisory. - c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP...

CVSS 7.5 · AI score 6.4 · EPSS 0.01564
Exploits 0 · References 2

Github Security Blog
added 2024/02/06 12:30 p.m. · 20 views

Apache Sling Servlets Resolver executes malicious code via path traversal

Malicious code execution via path traversal in Apache Software Foundation Apache Sling Servlets Resolver. This issue affects all versions of Apache Sling Servlets Resolver before 2.11.0. However, whether a system is vulnerable to this attack depends on the exact configuration of the system. If the...

CVSS 8.5 · AI score 8.1 · EPSS 0.01321
Exploits 0 · References 5 · Affected Software 1

OSV
added 2024/02/06 12:30 p.m. · 23 views

GHSA-H2RQ-QHR7-53GM Apache Sling Servlets Resolver executes malicious code via path traversal

Malicious code execution via path traversal in Apache Software Foundation Apache Sling Servlets Resolver. This issue affects all versions of Apache Sling Servlets Resolver before 2.11.0. However, whether a system is vulnerable to this attack depends on the exact configuration of the system. If the...

CVSS 7.5 · AI score 8.1 · EPSS 0.01321
Exploits 0 · References 5