Lucene search
K

26 matches found

RedHat Linux
RedHat Linux
added 2025/02/19 6:37 p.m.3 views

bind: bind9: Many records in the additional section cause CPU exhaustion

A flaw was found in the bind package where a crafted DNS zone may generate numerous records in the 'Additional' section of the response. This flaw allows an attacker to send a large amount of such queries, which may lead either the authoritative server or an independent resolver to run into an...

7.5CVSS7.3AI score0.15344EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/02/19 8:42 a.m.3 views

bind: bind9: DNS-over-HTTPS implementation suffers from multiple issues under heavy query load

A flaw was found in BIND 9. By flooding a target resolver with HTTP/2 traffic and exploiting this flaw, an attacker could overwhelm the server, causing high CPU and/or memory usage and preventing other clients from establishing DoH connections. This issue could significantly impair the resolver's...

7.5CVSS5.7AI score0.17935EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/02/19 7:7 a.m.4 views

bind: bind9: Many records in the additional section cause CPU exhaustion

A flaw was found in the bind package where a crafted DNS zone may generate numerous records in the 'Additional' section of the response. This flaw allows an attacker to send a large amount of such queries, which may lead either the authoritative server or an independent resolver to run into an...

7.5CVSS7.3AI score0.15344EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/02/19 6:56 a.m.4 views

bind: bind9: Many records in the additional section cause CPU exhaustion

A flaw was found in the bind package where a crafted DNS zone may generate numerous records in the 'Additional' section of the response. This flaw allows an attacker to send a large amount of such queries, which may lead either the authoritative server or an independent resolver to run into an...

7.5CVSS7.3AI score0.15344EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/01/06 1:36 p.m.43 views

bind9: Parsing large DNS messages may cause excessive CPU load

A flaw was found in the bind package. This issue may allow a remote attacker with no specific privileges to craft a specially long DNS message leading to an excessive and uncontrolled CPU usage, the server being unavailable, and a Denial of Service...

7.5CVSS6.7AI score0.01327EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/08/27 6:48 p.m.4 views

bind9: bind: SIG(0) can be used to exhaust CPU resources

A flaw was found in the bind9 package, where if a DNS server hosts a zone containing a "KEY" resource record or a DNS resolver utilizes the DNSSEC validate feature to validate a "KEY" resource record, a malicious client could exhaust the CPU resourced from the resolver by sending a stream of SIG0...

7.5CVSS5.7AI score0.02114EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/08/27 11:28 a.m.5 views

bind9: bind: SIG(0) can be used to exhaust CPU resources

A flaw was found in the bind9 package, where if a DNS server hosts a zone containing a "KEY" resource record or a DNS resolver utilizes the DNSSEC validate feature to validate a "KEY" resource record, a malicious client could exhaust the CPU resourced from the resolver by sending a stream of SIG0...

7.5CVSS5.7AI score0.02114EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/08/26 8:21 a.m.5 views

bind9: bind: SIG(0) can be used to exhaust CPU resources

A flaw was found in the bind9 package, where if a DNS server hosts a zone containing a "KEY" resource record or a DNS resolver utilizes the DNSSEC validate feature to validate a "KEY" resource record, a malicious client could exhaust the CPU resourced from the resolver by sending a stream of SIG0...

7.5CVSS5.7AI score0.02114EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/08/26 8:21 a.m.5 views

bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam

A flaw was found in the bind9 package, where a hostname with significant resource records may slow down bind's resolver cache and authoritative zone databases while these records are being added or updated. In addition, client queries for the related hostname may cause the same issue. This...

7.5CVSS5.8AI score0.02114EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/08/19 5:12 a.m.5 views

bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam

A flaw was found in the bind9 package, where a hostname with significant resource records may slow down bind's resolver cache and authoritative zone databases while these records are being added or updated. In addition, client queries for the related hostname may cause the same issue. This...

7.5CVSS5.8AI score0.02114EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/08/14 3:5 p.m.4 views

bind9: bind: SIG(0) can be used to exhaust CPU resources

A flaw was found in the bind9 package, where if a DNS server hosts a zone containing a "KEY" resource record or a DNS resolver utilizes the DNSSEC validate feature to validate a "KEY" resource record, a malicious client could exhaust the CPU resourced from the resolver by sending a stream of SIG0...

7.5CVSS5.7AI score0.02114EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/08/14 3:5 p.m.4 views

bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam

A flaw was found in the bind9 package, where a hostname with significant resource records may slow down bind's resolver cache and authoritative zone databases while these records are being added or updated. In addition, client queries for the related hostname may cause the same issue. This...

7.5CVSS5.8AI score0.02114EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/06/13 2:29 a.m.7 views

bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...

7.5CVSS6.7AI score0.81729EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2024/06/10 8:16 a.m.5 views

bind9: Parsing large DNS messages may cause excessive CPU load

A flaw was found in the bind package. This issue may allow a remote attacker with no specific privileges to craft a specially long DNS message leading to an excessive and uncontrolled CPU usage, the server being unavailable, and a Denial of Service...

7.5CVSS6.7AI score0.01327EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/06/10 8:16 a.m.7 views

bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...

7.5CVSS6.7AI score0.81729EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2024/05/16 5:40 p.m.5 views

bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...

7.5CVSS6.7AI score0.81729EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2024/05/07 7:56 a.m.3 views

bind9: Parsing large DNS messages may cause excessive CPU load

A flaw was found in the bind package. This issue may allow a remote attacker with no specific privileges to craft a specially long DNS message leading to an excessive and uncontrolled CPU usage, the server being unavailable, and a Denial of Service...

7.5CVSS6.7AI score0.01327EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/04/15 1:53 a.m.4 views

bind9: Parsing large DNS messages may cause excessive CPU load

A flaw was found in the bind package. This issue may allow a remote attacker with no specific privileges to craft a specially long DNS message leading to an excessive and uncontrolled CPU usage, the server being unavailable, and a Denial of Service...

7.5CVSS6.7AI score0.01327EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/04/11 5:48 p.m.5 views

bind9: Querying RFC 1918 reverse zones may cause an assertion failure when “nxdomain-redirect” is enabled

A flaw was found in the bind package which may result in a Denial of Service in named process. This is a result of a reachable assertion, leading named to prematurely terminate when both conditions are met: nxdomain-redirect for the queried domain is configured and the resolver receives a PTR...

7.5CVSS5.7AI score0.01231EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/04/11 11:6 a.m.4 views

bind9: Enabling both DNS64 and serve-stale may cause an assertion failure during recursive resolution

A flaw was found in the bind package. This issue may allow an attacker to query in a DNS64 enabled resolver node with a domain name triggering a server-stale data, triggering a code assertion, and resulting in a crash of named processes. This can allow a remote unauthenticated user to cause a...

7.5CVSS5.8AI score0.01231EPSS
Exploits0References5
Rows per page
Query Builder