Published: 13/02/2024 Updated: 03/05/2024

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 0

A flaw in query-handling code can cause `named` to exit prematurely with an assertion failure when: - `nxdomain-redirect <domain>;` is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versions 9.12.0 up to and including 9.16.45, 9.18.0 up to and including 9.18.21, 9.19.0 up to and including 9.19.19, 9.16.8-S1 up to and including 9.16.45-S1, and 9.18.11-S1 up to and including 9.18.21-S1.

DescriptionA flaw was found in the bind package which may result in a a Denial of Service in `named` process This is a result of a reachable assertion, leading `named` to prematurely terminate when both conditions are met: nxdomain-redirect for the queried domain is configured and the resolver receives a PTR query, used for a reverse DNS lo ...

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-5517

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect