Lucene search
K

478 matches found

AlpineLinux
AlpineLinux
added 2024/02/13 2:5 p.m.32 views

CVE-2023-5679

A bad interaction between DNS64 and serve-stale may cause named to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.12-S1 through...

7.5CVSS7.3AI score0.01231EPSS
Exploits0
Cvelist
Cvelist
added 2024/02/13 2:5 p.m.56 views

CVE-2023-5679 Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution

A bad interaction between DNS64 and serve-stale may cause named to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.12-S1 through...

7.5CVSS7.8AI score0.01231EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2024/02/13 2:5 p.m.39 views

CVE-2023-5679

A bad interaction between DNS64 and serve-stale may cause named to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.12-S1 through...

7.5CVSS7.8AI score0.01231EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2024/02/13 2:4 p.m.43 views

CVE-2023-5517

A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versio...

7.5CVSS7.3AI score0.01231EPSS
Exploits0
CVE
CVE
added 2024/02/13 2:4 p.m.457 views

CVE-2023-5517

CVE-2023-5517 is a BIND vulnerability where a flaw in query-handling can cause named to exit with an assertion failure when nxdomain-redirect is configured and a PTR query for an RFC 1918 address would yield NXDOMAIN. Affected: BIND 9.x (various 9.12.0–9.19.19 and related 9.16/9.18 ranges; versio...

7.5CVSS7.5AI score0.01231EPSS
Exploits0References7Affected Software2
Vulnrichment
Vulnrichment
added 2024/02/13 2:4 p.m.32 views

CVE-2023-5517 Querying RFC 1918 reverse zones may cause an assertion failure when "nxdomain-redirect" is enabled

A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versio...

7.5CVSS6.9AI score0.01231EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/02/13 2:4 p.m.66 views

CVE-2023-5517 Querying RFC 1918 reverse zones may cause an assertion failure when "nxdomain-redirect" is enabled

A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versio...

7.5CVSS7.8AI score0.01231EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2024/02/13 2:4 p.m.44 views

CVE-2023-5517

A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versio...

7.5CVSS7.8AI score0.01231EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2024/02/13 2:4 p.m.46 views

CVE-2023-4408

The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects bot...

7.5CVSS7.5AI score0.01327EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/02/13 2:4 p.m.31 views

CVE-2023-4408 Parsing large DNS messages may cause excessive CPU load

The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects bot...

7.5CVSS7.2AI score0.01327EPSS
Exploits0References7
CVE
CVE
added 2024/02/13 2:4 p.m.706 views

CVE-2023-4408

The CVE-2023-4408 issue is a vulnerability in the DNS message parsing of BIND's named where the parsing path has an overly high computational complexity. A crafted large or malformed DNS message can cause high CPU usage on affected BIND 9 releases, potentially impacting both authoritative servers...

7.5CVSS7.5AI score0.01327EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2024/02/13 2:4 p.m.71 views

CVE-2023-4408 Parsing large DNS messages may cause excessive CPU load

The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects bot...

7.5CVSS7.9AI score0.01327EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2024/02/13 2:4 p.m.52 views

CVE-2023-4408

The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects bot...

7.5CVSS6.6AI score0.01327EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2024/02/13 12:0 a.m.51 views

CVE-2023-6516

To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queue...

7.5CVSS7AI score0.01097EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/02/13 12:0 a.m.47 views

CVE-2023-5679

A bad interaction between DNS64 and serve-stale may cause named to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.12-S1 through...

7.5CVSS7.1AI score0.01231EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/02/13 12:0 a.m.39 views

CVE-2023-5517

A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versio...

7.5CVSS7.1AI score0.01231EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/02/13 12:0 a.m.42 views

CVE-2023-4408

The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects bot...

7.5CVSS6.7AI score0.01327EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/01/29 12:0 a.m.4 views

PT-2025-1930 · Isc +11 · Bind 9 +11

Name of the Vulnerable Software and Affected Versions: BIND 9 versions 9.18.0 through 9.18.32 BIND 9 versions 9.20.0 through 9.20.4 BIND 9 versions 9.21.0 through 9.21.3 BIND 9 versions 9.18.11-S1 through 9.18.32-S1 Description: Clients using DNS-over-HTTPS DoH can exhaust a DNS resolver's CPU...

7.8CVSS7.3AI score0.17935EPSS
Exploits1References82
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.36 views

EulerOS Virtualization 2.10.0 : dhcp (EulerOS-SA-2023-3465)

According to the versions of the dhcp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it ha...

7.5CVSS7.3AI score0.03776EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/16 12:0 a.m.30 views

EulerOS Virtualization 2.9.1 : dhcp (EulerOS-SA-2024-1032)

According to the versions of the dhcp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it ha...

7.5CVSS7.3AI score0.03776EPSS
Exploits0References2
Rows per page
Query Builder