ID de Prueba:	1.3.6.1.4.1.25623.1.0.151759
Categoría:	Denial of Service
Título:	Knot Resolver < 5.7.1 Multiple DoS Vulnerabilities (KeyTrap)
Resumen:	Knot Resolver is prone to multiple denial of service (DoS); vulnerabilities.
Descripción:	Summary: Knot Resolver is prone to multiple denial of service (DoS) vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - CVE-2023-50387: KeyTrap - DNSSEC verification complexity could be exploited to exhaust CPU resources and stall DNS resolvers. - CVE-2023-50868: NSEC3 closest encloser proof can exhaust CPU Affected Software/OS: Knot Resolver prior to version 5.7.1. Solution: Update to version 5.7.1 or later. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-50387 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVYA42BLXUCIDLD35YIJPJSHDIADNYMP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQESRWMJCF4JEYJEAKLRM6CT55GLJAB7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TEXGOYGW7DBS3N2QSSQONZ4ENIRQEAPG/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6FV5O347JTX7P5OZA6NGO4MKTXRXMKOZ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IGSLGKUAQTW5JPPZCMF5YPEYALLRUZZ6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUIP7T7Z4T3UHLXFWG6XIVDP4GYPD3AI/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/ https://access.redhat.com/security/cve/CVE-2023-50387 https://bugzilla.suse.com/show_bug.cgi?id=1219823 https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1 https://kb.isc.org/docs/cve-2023-50387 https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q1/017430.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387 https://news.ycombinator.com/item?id=39367411 https://news.ycombinator.com/item?id=39372384 https://nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/ https://www.athene-center.de/aktuelles/key-trap https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf https://www.isc.org/blogs/2024-bind-security-release/ https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/ https://www.theregister.com/2024/02/13/dnssec_vulnerability_internet/ https://lists.debian.org/debian-lts-announce/2024/02/msg00006.html https://lists.debian.org/debian-lts-announce/2024/05/msg00011.html http://www.openwall.com/lists/oss-security/2024/02/16/2 http://www.openwall.com/lists/oss-security/2024/02/16/3 Common Vulnerability Exposure (CVE) ID: CVE-2023-50868 https://access.redhat.com/security/cve/CVE-2023-50868 https://bugzilla.suse.com/show_bug.cgi?id=1219826 https://datatracker.ietf.org/doc/html/rfc5155 https://kb.isc.org/docs/cve-2023-50868
Copyright	Copyright (C) 2024 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.