CVE-2023-28451

An issue was discovered in Technitium 11.0.2. There is a vulnerability (called BadDNS) in DNS resolving software, which triggers a resolver to ignore valid responses, thus causing DoS (denial of service) for normal resolution. The effects of an exploit would be widespread and highly impactful, because the attacker could just forge a response targeting the source port of a vulnerable resolver without the need to guess the correct TXID.
Configurations

Configuration 1 (hide)

cpe:2.3:a:technitium:dnsserver:11.0.2:*:*:*:*:*:*:*

History

22 Apr 2025, 14:18

Type Values Removed Values Added
CPE cpe:2.3:a:technitium:dnsserver:11.0.2:*:*:*:*:*:*:*
First Time Technitium dnsserver
Technitium
References () https://gist.github.com/idealeer/89947ca07836fd0f7e9761198ca9a0f3. - () https://gist.github.com/idealeer/89947ca07836fd0f7e9761198ca9a0f3. - Broken Link
References () https://technitium.com/dns/ - () https://technitium.com/dns/ - Product

Information

Published : 2024-09-18 15:15

Updated : 2025-04-22 14:18


NVD link : CVE-2023-28451

Mitre link : CVE-2023-28451

CVE.ORG link : CVE-2023-28451


JSON object : View

Products Affected

technitium

  • dnsserver
CWE
CWE-400

Uncontrolled Resource Consumption