{"uuid": "bdad4ada-0571-48ea-97aa-f470f3b2612c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4408", "type": "seen", "source": "https://t.me/arpsyndicate/4617", "content": "#ExploitObserverAlert\n\nCVE-2023-4408\n\nDESCRIPTION: Exploit Observer has 11 entries in 4 file formats related to CVE-2023-4408. The DNS message parsing code in `named` includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected `named` instance by exploiting this flaw. This issue affects both authoritative servers and recursive resolvers. This issue affects BIND 9 versions 9.0.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.\n\nFIRST-EPSS: 0.000810000\nNVD-IS: 3.6\nNVD-ES: 3.9\nARPS-EXPLOITABILITY: 0.6482605", "creation_timestamp": "2024-04-13T01:03:48.000000Z"}