Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-3341

Опубликовано: 20 сент. 2023
Источник: nvd
CVSS3: 7.5
EPSS Низкий

Описание

The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory, causing named to terminate unexpectedly. Since each incoming control channel message is fully parsed before its contents are authenticated, exploiting this flaw does not require the attacker to hold a valid RNDC key; only network access to the control channel's configured TCP port is necessary. This issue affects BIND 9 versions 9.2.0 through 9.16.43, 9.18.0 through 9.18.18, 9.19.0 through 9.19.16, 9.9.3-S1 through 9.16.43-S1, and 9.18.0-S1 through 9.18.18-S1.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*
Версия от 9.2.0 (включая) до 9.16.44 (исключая)
cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*
Версия от 9.18.0 (включая) до 9.18.19 (исключая)
cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*
Версия от 9.19.0 (включая) до 9.19.17 (исключая)
cpe:2.3:a:isc:bind:9.9.3:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.9.12:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.9.13:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.10.5:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.10.7:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.3:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.3:s4:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.4:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.5:s3:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.5:s5:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.5:s6:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.6:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.7:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.8:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.12:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.21:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.27:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.29:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.35:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.11.37:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.16.8:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.16.11:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.16.12:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.16.13:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.16.14:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.16.21:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.16.32:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.16.36:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.16.43:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.18.0:s1:*:*:supported_preview:*:*:*
cpe:2.3:a:isc:bind:9.18.18:s1:*:*:supported_preview:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

EPSS

Процентиль: 38%
0.0016
Низкий

7.5 High

CVSS3

Дефекты

CWE-787

Связанные уязвимости

ubuntu логотип

CVE-2023-3341

CVSS3: 7.5
ubuntu
почти 2 года назад

The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory, causing `named` to terminate unexpectedly. Since each incoming control channel message is fully parsed before its contents are authenticated, exploiting this flaw does not require the attacker to hold a valid RNDC key; only network access to the control channel's configured TCP port is necessary. This issue affects BIND 9 versions 9.2.0 through 9.16.43, 9.18.0 through 9.18.18, 9.19.0 through 9.19.16, 9.9.3-S1 through 9.16.43-S1, and 9.18.0-S1 through 9.18.18-S1.

redhat логотип

CVE-2023-3341

CVSS3: 7.5
redhat
почти 2 года назад

The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory, causing `named` to terminate unexpectedly. Since each incoming control channel message is fully parsed before its contents are authenticated, exploiting this flaw does not require the attacker to hold a valid RNDC key; only network access to the control channel's configured TCP port is necessary. This issue affects BIND 9 versions 9.2.0 through 9.16.43, 9.18.0 through 9.18.18, 9.19.0 through 9.19.16, 9.9.3-S1 through 9.16.43-S1, and 9.18.0-S1 through 9.18.18-S1.

msrc логотип

CVE-2023-3341

CVSS3: 7.5
msrc
12 месяцев назад

Описание отсутствует

debian логотип

CVE-2023-3341

CVSS3: 7.5
debian
почти 2 года назад

The code that processes control channel messages sent to `named` calls ...

suse-cvrf логотип

SUSE-SU-2023:3934-1

suse-cvrf
больше 1 года назад

Security update for bind

EPSS

Процентиль: 38%
0.0016
Низкий

7.5 High

CVSS3

Дефекты

CWE-787