CVE-2024-0760

A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
http://www.openwall.com/lists/oss-security/2024/07/23/1
http://www.openwall.com/lists/oss-security/2024/07/31/2
https://kb.isc.org/docs/cve-2024-0760
http://www.openwall.com/lists/oss-security/2024/07/23/1
https://kb.isc.org/docs/cve-2024-0760
https://security.netapp.com/advisory/ntap-20240731-0004/

Configurations

No configuration.

History

No history.

Information

Published : 2024-07-23 15:15

Updated : 2024-11-21 08:47

NVD link : CVE-2024-0760

Mitre link : CVE-2024-0760

CVE.ORG link : CVE-2024-0760

JSON object : View

Products Affected

No product.

CWE

CWE-770

Allocation of Resources Without Limits or Throttling

{"id": "CVE-2024-0760", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-officer@isc.org", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-07-23T15:15:03.520", "references": [{"url": "http://www.openwall.com/lists/oss-security/2024/07/23/1", "source": "security-officer@isc.org"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/31/2", "source": "security-officer@isc.org"}, {"url": "https://kb.isc.org/docs/cve-2024-0760", "source": "security-officer@isc.org"}, {"url": "http://www.openwall.com/lists/oss-security/2024/07/23/1", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://kb.isc.org/docs/cve-2024-0760", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.netapp.com/advisory/ntap-20240731-0004/", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-770"}]}], "descriptions": [{"lang": "en", "value": "A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. \nThis issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1."}, {"lang": "es", "value": "Un cliente malintencionado puede enviar muchos mensajes DNS a trav\u00e9s de TCP, lo que podr\u00eda provocar que el servidor se vuelva inestable mientras el ataque est\u00e1 en curso. El servidor puede recuperarse una vez que cese el ataque. El uso de ACL no mitigar\u00e1 el ataque. Este problema afecta a las versiones 9.18.1 a 9.18.27, 9.19.0 a 9.19.24 y 9.18.11-S1 a 9.18.27-S1 de BIND 9."}], "lastModified": "2024-11-21T08:47:18.850", "sourceIdentifier": "security-officer@isc.org"}