exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 52

CVE-2023-50868

больше 1 года назад

The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 whe ...

CVSS3: 7.5

EPSS: Средний

CVE-2023-50387

больше 1 года назад

Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.

CVSS3: 7.5

EPSS: Средний

CVE-2023-50387

больше 1 года назад

CVSS3: 7.5

EPSS: Средний

CVE-2023-50387

больше 1 года назад

CVSS3: 7.5

EPSS: Средний

CVE-2023-50387

больше 1 года назад

MITRE: CVE-2023-50387 DNSSEC verification complexity can be exploited to exhaust CPU resources and stall DNS resolvers

EPSS: Средний

CVE-2023-50387

больше 1 года назад

Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6 ...

CVSS3: 7.5

EPSS: Средний

GHSA-pv4h-p8jr-6cv2

больше 1 года назад

The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the "NSEC3" issue. The RFC 5155 specification implies that an algorithm must perform thousands of iterations of a hash function in certain situations.

CVSS3: 7.5

EPSS: Средний

GHSA-8459-gg55-8qjj

больше 1 года назад

Certain DNSSEC aspects of the DNS protocol (in RFC 4035 and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses when there is a zone with many DNSKEY and RRSIG records, aka the "KeyTrap" issue. The protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.

CVSS3: 7.5

EPSS: Средний

BDU:2024-01462

больше 1 года назад

Уязвимость компонента DNSSEC реализации протокола DNS сервера DNS BIND, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 7.5

EPSS: Средний

BDU:2024-01359

больше 1 года назад

CVSS3: 7.5

EPSS: Средний

ROS-20240701-02

12 месяцев назад

Уязвимость dnsmasq

CVSS3: 7.5

EPSS: Средний

ROS-20240611-07

около 1 года назад

Уязвимость dnsmasq

CVSS3: 7.5

EPSS: Средний

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2023-50868 The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 whe ...	CVSS3: 7.5	48% Средний	больше 1 года назад
CVE-2023-50387 Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.	CVSS3: 7.5	40% Средний	больше 1 года назад
CVE-2023-50387 Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.	CVSS3: 7.5	40% Средний	больше 1 года назад
CVE-2023-50387 Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.	CVSS3: 7.5	40% Средний	больше 1 года назад
CVE-2023-50387 MITRE: CVE-2023-50387 DNSSEC verification complexity can be exploited to exhaust CPU resources and stall DNS resolvers		40% Средний	больше 1 года назад
CVE-2023-50387 Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6 ...	CVSS3: 7.5	40% Средний	больше 1 года назад
GHSA-pv4h-p8jr-6cv2 The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via DNSSEC responses in a random subdomain attack, aka the "NSEC3" issue. The RFC 5155 specification implies that an algorithm must perform thousands of iterations of a hash function in certain situations.	CVSS3: 7.5	48% Средний	больше 1 года назад
GHSA-8459-gg55-8qjj Certain DNSSEC aspects of the DNS protocol (in RFC 4035 and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses when there is a zone with many DNSKEY and RRSIG records, aka the "KeyTrap" issue. The protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.	CVSS3: 7.5	40% Средний	больше 1 года назад
BDU:2024-01462 Уязвимость компонента DNSSEC реализации протокола DNS сервера DNS BIND, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 7.5	48% Средний	больше 1 года назад
BDU:2024-01359 Уязвимость компонента DNSSEC реализации протокола DNS сервера DNS BIND, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 7.5	40% Средний	больше 1 года назад
ROS-20240701-02 Уязвимость dnsmasq	CVSS3: 7.5	48% Средний	12 месяцев назад
ROS-20240611-07 Уязвимость dnsmasq	CVSS3: 7.5	40% Средний	около 1 года назад

Уязвимостей на страницу