CVE-2024-33655

Published: 09 May 2024
Source: redhat
CVSS3: 3.7
EPSS: Low

Description

The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service (resource consumption) by arranging for DNS queries to be accumulated for seconds, such that responses are later sent in a pulsing burst (which can be considered traffic amplification in some cases), aka the "DNSBomb" issue.

A DNSBomb flaw was found in the unbound package. The DNSBomb attack works by sending low-rate spoofed queries for a malicious zone to Unbound. By controlling the delay of the malicious authoritative answers, Unbound slowly accumulates pending answers for the spoofed addresses. When the authoritative answers become available to Unbound at the same time, Unbound starts serving all the accumulated queries. This results in large-sized, concentrated response bursts to the spoofed addresses.

Affected packages

| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | unbound | Out of support scope | | |
| Red Hat Enterprise Linux 7 | unbound | Out of support scope | | |
| Red Hat Enterprise Linux 8 | unbound | Fix deferred | | |
| Red Hat Enterprise Linux 9 | unbound | Fix deferred | | |

Additional information

Status: Low
Defect: CWE-400

EPSS: 0.02839 (percentile: 86%), Low

CVSS3: 3.7 Low

Related vulnerabilities

CVSS3: 7.5
ubuntu
about 1 year ago

The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service (resource consumption) by arranging for DNS queries to be accumulated for seconds, such that responses are later sent in a pulsing burst (which can be considered traffic amplification in some cases), aka the "DNSBomb" issue.

CVSS3: 7.5
nvd
about 1 year ago

The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service (resource consumption) by arranging for DNS queries to be accumulated for seconds, such that responses are later sent in a pulsing burst (which can be considered traffic amplification in some cases), aka the "DNSBomb" issue.

CVSS3: 7.5
msrc
8 months ago

No description available

CVSS3: 7.5
debian
about 1 year ago

The DNS protocol in RFC 1035 and updates allows remote attackers to ca ...

CVSS3: 7.5
github
about 1 year ago

The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service (resource consumption) by arranging for DNS queries to be accumulated for seconds, such that responses are later sent in a pulsing burst (which can be considered traffic amplification in some cases), aka the "DNSBomb" issue.
