← volver
CVE-2024-0760

A flood of DNS messages over TCP may make the server unstable

CVSS 7.5 HIGHEPSS 4.7%CWE-770
A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Productos afectados
ISC · BIND 9

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://kb.isc.org/docs/cve-2024-0760https://security.netapp.com/advisory/ntap-20240731-0004/http://www.openwall.com/lists/oss-security/2024/07/23/1http://www.openwall.com/lists/oss-security/2024/07/31/2