2 matches found
ABB M2M Gateway Memory Leak in embedded Bind (CVE-2022-38178)
By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. This plugin only works with Tenable.ot. Please visit...
ABB M2M Gateway Uncontrolled Resource Consumption in embedded Bind (CVE-2023-2828)
Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it...