ID de Prueba:	1.3.6.1.4.1.25623.1.0.149836
Categoría:	Denial of Service
Título:	ISC BIND DoS Vulnerability (CVE-2023-2911) - Linux
Resumen:	ISC BIND is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: ISC BIND is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: If the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes, and stale-answer-client-timeout 0, a sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. Vulnerability Impact: By sending specific queries to the resolver, an attacker can cause named to terminate unexpectedly. Affected Software/OS: ISC BIND versions 9.16.33 through 9.16.41, 9.18.7 through 9.18.15, 9.16.33-S1 through 9.16.41-S1 and 9.18.11-S1 through 9.18.15-S1. Solution: Update to version 9.16.42, 9.18.16, 9.16.42-S1, 9.18.16-S1 or later. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-2911 Debian Security Information: DSA-5439 (Google Search) https://www.debian.org/security/2023/dsa-5439 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/ CVE-2023-2911 https://kb.isc.org/docs/cve-2023-2911 http://www.openwall.com/lists/oss-security/2023/06/21/6
Copyright	Copyright (C) 2023 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.