EulerOS 2.0 SP9 : bind (EulerOS-SA-2023-2572)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sen...

EulerOS 2.0 SP9 : bind (EulerOS-SA-2023-2602)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sen...

Amazon Linux AMI : bind (ALAS-2023-1789)

The version of bind installed on the remote host is prior to 9.8.2-0.68.rc1.90. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1789 advisory. A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished...

SUSE-SU-2023:2954-1 Security update for bind

This update for bind fixes the following issues: - CVE-2023-2828: Fixed denial-of-service against recursive resolvers related to cache-cleaning algorithm bsc1212544...

Oracle Linux 7 : bind (ELSA-2023-4152)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-4152 advisory. - Prevent the cache going over the configured limit CVE-2023-2828 - Tighten cache protection against record from forwarders CVE-2021-25220 - Include test of...

Amazon Linux 2 : bind (ALAS-2023-2112)

The version of bind installed on the remote host is prior to 9.11.4-26.P2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2112 advisory. A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by...

Amazon Linux 2023 : bind, bind-chroot, bind-devel (ALAS2023-2023-240)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-240 advisory. A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order,...

Oracle Linux 8 : bind (ELSA-2023-4102)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-4102 advisory. 32:9.11.36-8.1 - Improve RBT overmem cache cleaning CVE-2023-2828 Tenable has extracted the preceding description block directly from the Oracle Linux security...

AlmaLinux 9 : bind (ALSA-2023:4099)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:4099 advisory. - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to...

AlmaLinux 8 : bind (ALSA-2023:4102)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:4102 advisory. - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to...

AlmaLinux 8 : bind9.16 (ALSA-2023:4100)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:4100 advisory. - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to...

bind: named's configured cache size limit can be significantly exceeded

A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured max-cache-size limit to exceed significantly...

SUSE SLES15 / openSUSE 15 Security Update : bind (SUSE-SU-2023:2794-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2794-1 advisory. - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queri...

SUSE SLES12 Security Update : bind (SUSE-SU-2023:2793-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2793-1 advisory. - Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has...

SUSE-SU-2023:2789-1 Security update for bind

This update for bind fixes the following issues: - CVE-2023-2828: Fixed DOS against recursive resolvers related to cache-cleaning algorithm bsc1212544...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : bind (SUSE-SU-2023:2667-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2667-1 advisory. - Every named instance configured to run as a recursive resolver maintains a cache database...

CVE-2023-2828

Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it...

CVE-2023-2828

Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it...

Design/Logic Flaw

Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it...

CVE-2023-2828 named's configured cache size limit can be significantly exceeded

Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it...