Test Kennung:	1.3.6.1.4.1.25623.1.0.149836
Kategorie:	Denial of Service
Titel:	ISC BIND DoS Vulnerability (CVE-2023-2911) - Linux
Zusammenfassung:	ISC BIND is prone to a denial of service (DoS) vulnerability.
Beschreibung:	Summary: ISC BIND is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: If the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes, and stale-answer-client-timeout 0, a sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. Vulnerability Impact: By sending specific queries to the resolver, an attacker can cause named to terminate unexpectedly. Affected Software/OS: ISC BIND versions 9.16.33 through 9.16.41, 9.18.7 through 9.18.15, 9.16.33-S1 through 9.16.41-S1 and 9.18.11-S1 through 9.18.15-S1. Solution: Update to version 9.16.42, 9.18.16, 9.16.42-S1, 9.18.16-S1 or later. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2023-2911 Debian Security Information: DSA-5439 (Google Search) https://www.debian.org/security/2023/dsa-5439 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/ CVE-2023-2911 https://kb.isc.org/docs/cve-2023-2911 http://www.openwall.com/lists/oss-security/2023/06/21/6
Copyright	Copyright (C) 2023 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.