Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-6477

Опубликовано: 26 нояб. 2019
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to handle. When a TCP connection with a large number of pipelined queries is closed, the load on the server releasing these multiple resources can cause it to become unresponsive, even for queries that can be answered authoritatively or from cache. (This is most likely to be perceived as an intermittent server problem).

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
Версия от 9.11.7 (включая) до 9.11.12 (включая)
cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
Версия от 9.14.1 (включая) до 9.14.7 (включая)
cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
Версия от 9.15.0 (включая) до 9.15.5 (включая)
cpe:2.3:a:isc:bind:9.11.5:s6:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.6:p1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.11.6:rc1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.11.12:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.12.4:p1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.12.4:p2:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*

EPSS

Процентиль: 90%
0.05682
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-400

Связанные уязвимости

ubuntu логотип

CVE-2019-6477

CVSS3: 7.5
ubuntu
около 6 лет назад

With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to handle. When a TCP connection with a large number of pipelined queries is closed, the load on the server releasing these multiple resources can cause it to become unresponsive, even for queries that can be answered authoritatively or from cache. (This is most likely to be perceived as an intermittent server problem).

redhat логотип

CVE-2019-6477

CVSS3: 7.5
redhat
около 6 лет назад

With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to handle. When a TCP connection with a large number of pipelined queries is closed, the load on the server releasing these multiple resources can cause it to become unresponsive, even for queries that can be answered authoritatively or from cache. (This is most likely to be perceived as an intermittent server problem).

debian логотип

CVE-2019-6477

CVSS3: 7.5
debian
около 6 лет назад

With pipelining enabled each incoming query on a TCP connection requir ...

github логотип

GHSA-6q2x-892r-7qm4

CVSS3: 7.5
github
больше 3 лет назад

With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to handle. When a TCP connection with a large number of pipelined queries is closed, the load on the server releasing these multiple resources can cause it to become unresponsive, even for queries that can be answered authoritatively or from cache. (This is most likely to be perceived as an intermittent server problem).

oracle-oval логотип

ELSA-2020-1845

oracle-oval
почти 6 лет назад

ELSA-2020-1845: bind security, bug fix, and enhancement update (MODERATE)

EPSS

Процентиль: 90%
0.05682
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-400