← voltar
CVE-2024-0760

A flood of DNS messages over TCP may make the server unstable

CVSS 7.5 HIGHEPSS 4.7%CWE-770
A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Produtos afetados
ISC · BIND 9

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://kb.isc.org/docs/cve-2024-0760https://security.netapp.com/advisory/ntap-20240731-0004/http://www.openwall.com/lists/oss-security/2024/07/23/1http://www.openwall.com/lists/oss-security/2024/07/31/2