ГлавнаяУязвимости → CVE-2024-0760
7.5высокая

CVE-2024-0760

→ есть в БДУ: BDU:2024-05771 (на русском)
Описание (на английском; русское — в БДУ выше)

A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.

CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Источники
http://www.openwall.com/lists/oss-security/2024/07/23/1http://www.openwall.com/lists/oss-security/2024/07/31/2https://kb.isc.org/docs/cve-2024-0760http://www.openwall.com/lists/oss-security/2024/07/23/1https://kb.isc.org/docs/cve-2024-0760https://security.netapp.com/advisory/ntap-20240731-0004/