github - ghsa-v3r3-642v-rqj8

ghsa-v3r3-642v-rqj8

Vulnerability from github

Published

2024-07-23 15:31

Modified

2024-07-31 12:31

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-0760"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-770"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-07-23T15:15:03Z",
    "severity": "HIGH"
  },
  "details": "A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. \nThis issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.",
  "id": "GHSA-v3r3-642v-rqj8",
  "modified": "2024-07-31T12:31:46Z",
  "published": "2024-07-23T15:31:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0760"
    },
    {
      "type": "WEB",
      "url": "https://kb.isc.org/docs/cve-2024-0760"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2024/07/23/1"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2024/07/31/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

cve-2024-0760

Vulnerability from cvelistv5

Published

2024-07-23 14:26

Modified

2024-08-13 20:36

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A flood of DNS messages over TCP may make the server unstable

References

▼	URL	Tags
	https://kb.isc.org/docs/cve-2024-0760	vendor-advisory
	http://www.openwall.com/lists/oss-security/2024/07/23/1
	http://www.openwall.com/lists/oss-security/2024/07/31/2

Impacted products

▼	Vendor	Product
	ISC	BIND 9

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "bind",
            "vendor": "isc",
            "versions": [
              {
                "lessThanOrEqual": "9.18.27",
                "status": "affected",
                "version": "9.18.1",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.19.24",
                "status": "affected",
                "version": "9.19.0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "9.18.27-s1",
                "status": "affected",
                "version": "9.18.11-s1",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-0760",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-23T16:02:34.286057Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-770",
                "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-13T20:36:51.162Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:18:18.515Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20240731-0004/"
          },
          {
            "name": "CVE-2024-0760",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://kb.isc.org/docs/cve-2024-0760"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/23/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "BIND 9",
          "vendor": "ISC",
          "versions": [
            {
              "lessThanOrEqual": "9.18.27",
              "status": "affected",
              "version": "9.18.1",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "9.19.24",
              "status": "affected",
              "version": "9.19.0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "9.18.27-S1",
              "status": "affected",
              "version": "9.18.11-S1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2024-07-23T00:00:00Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. \nThis issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "This flaw was discovered in internal testing. We are not aware of any active exploits."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "The server can become unresponsive until sometime after the attack ends."
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-23T14:26:54.983Z",
        "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "shortName": "isc"
      },
      "references": [
        {
          "name": "CVE-2024-0760",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://kb.isc.org/docs/cve-2024-0760"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/07/23/1"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/07/31/2"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.18.28, 9.20.0, or 9.18.28-S1."
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "A flood of DNS messages over TCP may make the server unstable",
      "workarounds": [
        {
          "lang": "en",
          "value": "No workarounds known."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
    "assignerShortName": "isc",
    "cveId": "CVE-2024-0760",
    "datePublished": "2024-07-23T14:26:54.983Z",
    "dateReserved": "2024-01-19T20:26:52.962Z",
    "dateUpdated": "2024-08-13T20:36:51.162Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted