Denial of Service : ISC BIND DoS Vulnerability (CVE-2023-6516)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.151717

Categoría: Denial of Service

Título: ISC BIND DoS Vulnerability (CVE-2023-6516) - Linux

Resumen: ISC BIND is prone to a denial of service (DoS) vulnerability.

Descripción: Summary:
ISC BIND is prone to a denial of service (DoS) vulnerability.

Vulnerability Insight:
To keep its cache database efficient, named running as a
recursive resolver occasionally attempts to clean up the database. It uses several methods,
including some that are asynchronous: a small chunk of memory pointing to the cache element that
can be cleaned up is first allocated and then queued for later processing. It was discovered that
if the resolver is continuously processing query patterns triggering this type of cache-database
maintenance, named may not be able to handle the cleanup events in a timely manner. This in
turn enables the list of queued cleanup events to grow infinitely large over time, allowing the
configured max-cache-size limit to be significantly exceeded.

Vulnerability Impact:
By exploiting this flaw, an attacker can cause the amount of
memory used by a named resolver to go well beyond the configured max-cache-size limit. The
effectiveness of the attack depends on a number of environmental factors, but in the worst case
the attacker can exhaust all available memory on the host running named, leading to a
denial-of-service condition.

Affected Software/OS:
ISC BIND version 9.16.0 through 9.16.45 and 9.16.8-S1 through
9.16.45-S1.

Solution:
Update to version 9.16.48, 9.16.48-S1 or later.

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2023-6516
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/
CVE-2023-6516
https://kb.isc.org/docs/cve-2023-6516
http://www.openwall.com/lists/oss-security/2024/02/13/1

Copyright Copyright (C) 2024 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.151717
Categoría:	Denial of Service
Título:	ISC BIND DoS Vulnerability (CVE-2023-6516) - Linux
Resumen:	ISC BIND is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: ISC BIND is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queued for later processing. It was discovered that if the resolver is continuously processing query patterns triggering this type of cache-database maintenance, named may not be able to handle the cleanup events in a timely manner. This in turn enables the list of queued cleanup events to grow infinitely large over time, allowing the configured max-cache-size limit to be significantly exceeded. Vulnerability Impact: By exploiting this flaw, an attacker can cause the amount of memory used by a named resolver to go well beyond the configured max-cache-size limit. The effectiveness of the attack depends on a number of environmental factors, but in the worst case the attacker can exhaust all available memory on the host running named, leading to a denial-of-service condition. Affected Software/OS: ISC BIND version 9.16.0 through 9.16.45 and 9.16.8-S1 through 9.16.45-S1. Solution: Update to version 9.16.48, 9.16.48-S1 or later. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-6516 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/ CVE-2023-6516 https://kb.isc.org/docs/cve-2023-6516 http://www.openwall.com/lists/oss-security/2024/02/13/1
Copyright	Copyright (C) 2024 Greenbone AG