 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.149834 |
| Kategorie: | Denial of Service |
| Titel: | ISC BIND DoS Vulnerability (CVE-2023-2829) - Linux |
| Zusammenfassung: | ISC BIND is prone to a denial of service (DoS) vulnerability. |
| Beschreibung: | Summary: ISC BIND is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: A named instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache (RFC 8198) option (synth-from-dnssec) enabled can be remotely terminated using a zone with a malformed NSEC record. Vulnerability Impact: By sending specific queries to the resolver, an attacker can cause named to terminate unexpectedly. Note that the BIND configuration option synth-from-dnssec is enabled by default in all versions of BIND 9.18 and 9.18-S and newer. In earlier versions of BIND that had this option available, it was disabled unless activated explicitly in named.conf. Affected Software/OS: ISC BIND versions 9.16.8-S1 through 9.16.41-S1 and 9.18.11-S1 through 9.18.15-S1. Solution: Update to version 9.16.42-S1, 9.18.16-S1 or later. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2023-2829 CVE-2023-2829 https://kb.isc.org/docs/cve-2023-2829 |
| Copyright | Copyright (C) 2023 Greenbone AG |
| Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |