CVE-2022-2795
Processing large delegations may severely degrade resolver performance
By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Produtos afetados
ISC · BIND9Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://kb.isc.org/docs/cve-2022-2795https://lists.debian.org/debian-lts-announce/2022/10/msg00007.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CV4GQWBPF7Y52J2FA24U6UMHQAOXZEF7/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRHB6J4Z7BKH4HPEKG5D35QGRD6ANNMT/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZJQNUASODNVAWZV6STKG5SD6XIJ446S/https://security.gentoo.org/glsa/202210-25https://security.netapp.com/advisory/ntap-20241129-0002/https://www.debian.org/security/2022/dsa-5235http://www.openwall.com/lists/oss-security/2022/09/21/3