Lucene search
K

46 matches found

RedHat Linux
RedHat Linux
added 2024/08/15 7:27 a.m.5 views

bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam

A flaw was found in the bind9 package, where a hostname with significant resource records may slow down bind's resolver cache and authoritative zone databases while these records are being added or updated. In addition, client queries for the related hostname may cause the same issue. This...

7.5CVSS5.8AI score0.02114EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/08/15 1:57 a.m.2 views

bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam

A flaw was found in the bind9 package, where a hostname with significant resource records may slow down bind's resolver cache and authoritative zone databases while these records are being added or updated. In addition, client queries for the related hostname may cause the same issue. This...

7.5CVSS5.8AI score0.02114EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/08/14 3:5 p.m.4 views

bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam

A flaw was found in the bind9 package, where a hostname with significant resource records may slow down bind's resolver cache and authoritative zone databases while these records are being added or updated. In addition, client queries for the related hostname may cause the same issue. This...

7.5CVSS5.8AI score0.02114EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2024/07/23 11:36 p.m.21 views

CVE-2024-1737

A flaw was found in the bind9 package, where a hostname with significant resource records may slow down bind's resolver cache and authoritative zone databases while these records are being added or updated. In addition, client queries for the related hostname may cause the same issue. This...

7.5CVSS6.6AI score0.02114EPSS
Exploits0References3
OSV
OSV
added 2024/07/23 12:0 a.m.2 views

UBUNTU-CVE-2024-1737

Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versions 9.11.0 throug...

7.5CVSS7.1AI score0.02114EPSS
Exploits0References5
Veracode
Veracode
added 2024/03/17 5:32 p.m.13 views

Performance Degradation

BIND is vulnerable to a performance degradation issue when a resolver cache contains a large number of ECS EDNS Client Subnet records for the same name, impacting query performance during the cache database cleanup process...

5.3CVSS5.1AI score0.00624EPSS
Exploits0References7Affected Software1
SUSE CVE
SUSE CVE
added 2024/02/15 4:17 a.m.3 views

SUSE CVE-2023-5680

If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and...

5.3CVSS5.7AI score0.00624EPSS
Exploits0References3
F5 Networks
F5 Networks
added 2024/02/14 6:3 p.m.39 views

K000138618: BIND vulnerability CVE-2023-5680

Security Advisory Description If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1...

5.3CVSS5.5AI score0.00624EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/02/14 12:0 a.m.18 views

ISC BIND DoS Vulnerability (CVE-2023-5680) - Linux

ISC BIND is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; if...

5.3CVSS5.3AI score0.00624EPSS
Exploits0References1
NVD
NVD
added 2024/02/13 2:15 p.m.13 views

CVE-2023-5680

If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and...

5.3CVSS5.2AI score0.00624EPSS
Exploits0References2
OSV
OSV
added 2024/02/13 2:15 p.m.2 views

ALPINE-CVE-2023-5680

If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and...

5.3CVSS6.8AI score0.00624EPSS
Exploits0References1
OSV
OSV
added 2024/02/13 2:15 p.m.24 views

CVE-2023-5680

If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and...

5.3CVSS6.9AI score0.00624EPSS
Exploits0References2
Prion
Prion
added 2024/02/13 2:15 p.m.16 views

Design/Logic Flaw

If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and...

5CVSS6.9AI score0.00624EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2024/02/13 2:5 p.m.17 views

CVE-2023-5680

If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and...

5.3CVSS5.6AI score0.00624EPSS
Exploits0
Cvelist
Cvelist
added 2024/02/13 2:5 p.m.37 views

CVE-2023-5680 Cleaning an ECS-enabled cache may cause excessive CPU load

If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This issue affects BIND 9 versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and...

5.3CVSS5.4AI score0.00624EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/02/13 12:0 a.m.4 views

ISC BIND Security Vulnerability

ISC BIND is a suite of open source software from ISC that implements the DNS protocol. A security vulnerability exists in ISC BIND versions 9.11.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1, which stems from the fact that clearing a cached database node...

5.3CVSS8.3AI score0.00624EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/02/13 12:0 a.m.26 views

ISC BIND 9.11.3-S1 < 9.16.48-S1 / 9.16.8-S1 < 9.16.48-S1 / 9.18.11-S1 < 9.18.24-S1 Vulnerability (cve-2023-5680)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2023-5680 advisory. - If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache...

5.3CVSS6.3AI score0.00624EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/07/18 8:30 a.m.3 views

bind: named's configured cache size limit can be significantly exceeded

A vulnerability was found in BIND. The effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured max-cache-size limit to exceed significantly...

7.5CVSS7.1AI score0.03776EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2016/01/28 12:0 a.m.32 views

ISC BIND Resolver Cache Vulnerability (Jan 2016)

ISC BIND is prone to a resolver cache vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; ifdescription...

5CVSS6.1AI score0.13538EPSS
Exploits1References2
CERT
CERT
added 2010/01/19 12:0 a.m.59 views

BIND 9 DNSSEC validation code could cause fake NXDOMAIN responses

Overview A vulnerability exists in the BIND 9 DNSSEC validation code that could be used by an attacker to generate fake NXDOMAIN responses. Description BIND 9 contains a vulnerability in DNSSEC validation code. According to ISC: There was an error in the DNSSEC NSEC/NSEC3 validation code that cou...

4.3CVSS7.4AI score0.09363EPSS
Exploits0References1
Rows per page
Query Builder