VID |
19098 |
Severity |
40 |
Port |
53 |
Protocol |
UDP |
Class |
DNS |
Detailed Description |
The version of ISC BIND installed on the remote host is earlier than the tested version. It is therefore affected by a vulnerability described in the CVE-2023-2828 advisory.
- Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it defaults to 90% of the total amount of memory available on the host. When the size of the cache reaches 7/8 of the configured limit, a cache-cleaning algorithm starts to remove expired and/or least-recently used RRsets from the cache, to keep memory use below the configured limit. It has been discovered that the effectiveness of the cache-cleaning algorithm used in named can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured max-cache-size limit to be significantly exceeded. By exploiting this flaw, an attacker can cause the amount of memory used by a named resolver to go well beyond the configured max-cache-size limit. The effectiveness of the attack depends on a number of factors (e.g. query load, query patterns), but since the default value of the max-cache-size statement is 90%, in the worst case the attacker can exhaust all available memory on the host running named, leading to a denial-of-service condition. (CVE-2023-2828)
* References: https://kb.isc.org/v1/docs/cve-2023-2828
* Platforms Affected: Internet Software Consortium, BIND version 9.18.0 < 9.18.16; Any operating system, Any version |
Recommendation |
Upgrade to the latest version of BIND (9.18.16 or later), available from the Internet Software Consortium (ISC) Web site at http://www.isc.org/downloads/BIND/ |
Related URL |
CVE-2023-2828 (CVE) |
Related URL |
103189 (SecurityFocus) |