Denial of Service : ISC BIND DoS Vulnerability (CVE-2023-2828)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.149839

Categoría: Denial of Service

Título: ISC BIND DoS Vulnerability (CVE-2023-2828) - Windows

Resumen: ISC BIND is prone to a denial of service (DoS) vulnerability.

Descripción: Summary:
ISC BIND is prone to a denial of service (DoS) vulnerability.

Vulnerability Insight:
Every named instance configured to run as a recursive resolver
maintains a cache database holding the responses to the queries it has recently sent to
authoritative servers. The size limit for that cache database can be configured using the
max-cache-size statement in the configuration file, it defaults to 90% of the total amount of
memory available on the host. When the size of the cache reaches 7/8 of the configured limit, a
cache-cleaning algorithm starts to remove expired and/or least-recently used RRsets from the
cache, to keep memory use below the configured limit.

It has been discovered that the effectiveness of the cache-cleaning algorithm used in named can
be severely diminished by querying the resolver for specific RRsets in a certain order,
effectively allowing the configured max-cache-size limit to be significantly exceeded.

Vulnerability Impact:
By exploiting this flaw, an attacker can cause the amount of
memory used by a named resolver to go well beyond the configured max-cache-size limit. The
effectiveness of the attack depends on a number of factors (e.g. query load, query patterns), but
since the default value of the max-cache-size statement is 90%, in the worst case the attacker
can exhaust all available memory on the host running named, leading to a denial-of-service
condition.

Affected Software/OS:
ISC BIND versions 9.11.0 through 9.16.41, 9.18.0 through
9.18.15, 9.19.0 through 9.19.13, 9.11.3-S1 through 9.16.41-S1 and 9.18.11-S1 through
9.18.15-S1.

Solution:
Update to version 9.16.42, 9.18.16, 9.19.14, 9.16.42-S1,
9.18.16-S1 or later.

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2023-2828
Debian Security Information: DSA-5439 (Google Search)
https://www.debian.org/security/2023/dsa-5439
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/
CVE-2023-2828
https://kb.isc.org/docs/cve-2023-2828
https://lists.debian.org/debian-lts-announce/2023/07/msg00021.html
http://www.openwall.com/lists/oss-security/2023/06/21/6

Copyright Copyright (C) 2023 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.149839
Categoría:	Denial of Service
Título:	ISC BIND DoS Vulnerability (CVE-2023-2828) - Windows
Resumen:	ISC BIND is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: ISC BIND is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file, it defaults to 90% of the total amount of memory available on the host. When the size of the cache reaches 7/8 of the configured limit, a cache-cleaning algorithm starts to remove expired and/or least-recently used RRsets from the cache, to keep memory use below the configured limit. It has been discovered that the effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured max-cache-size limit to be significantly exceeded. Vulnerability Impact: By exploiting this flaw, an attacker can cause the amount of memory used by a named resolver to go well beyond the configured max-cache-size limit. The effectiveness of the attack depends on a number of factors (e.g. query load, query patterns), but since the default value of the max-cache-size statement is 90%, in the worst case the attacker can exhaust all available memory on the host running named, leading to a denial-of-service condition. Affected Software/OS: ISC BIND versions 9.11.0 through 9.16.41, 9.18.0 through 9.18.15, 9.19.0 through 9.19.13, 9.11.3-S1 through 9.16.41-S1 and 9.18.11-S1 through 9.18.15-S1. Solution: Update to version 9.16.42, 9.18.16, 9.19.14, 9.16.42-S1, 9.18.16-S1 or later. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-2828 Debian Security Information: DSA-5439 (Google Search) https://www.debian.org/security/2023/dsa-5439 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/ CVE-2023-2828 https://kb.isc.org/docs/cve-2023-2828 https://lists.debian.org/debian-lts-announce/2023/07/msg00021.html http://www.openwall.com/lists/oss-security/2023/06/21/6
Copyright	Copyright (C) 2023 Greenbone AG