BIND DNS Flaws Let Attackers Cause Denial of Service Remotely


Security fixes have been issued that address three high-severity vulnerabilities in several versions of the Internet Systems Consortium's (ISC) Berkeley Internet Name Domain (BIND) 9.

An attacker could exploit these flaws remotely to cause denial-of-service conditions.


BIND 9 is an open-source, fully featured DNS system. It may be configured (through its named.conf file) as an authoritative name server, a resolver, and, on supported hosts, a stub resolver.

BIND is used in major financial institutions, national and international carriers, ISPs, retailers, manufacturers, universities, and government organizations.

Vulnerabilities

CVE-2023-2828, named’s configured cache size limit can be significantly exceeded.

An attacker can use this problem to cause the amount of memory a named resolver uses to exceed the configured max-cache-size limit.

The attack's success depends on various parameters (e.g., query load, query patterns). However, because the default value of the max-cache-size statement is 90%, the attacker can exhaust all available memory on the host running named, resulting in a denial-of-service condition.

Versions Affected:

BIND

  • 9.11.0 -> 9.16.41
  • 9.18.0 -> 9.18.15
  • 9.19.0 -> 9.19.13

BIND Supported Preview Edition

  • 9.11.3-S1 -> 9.16.41-S1
  • 9.18.11-S1 -> 9.18.15-S1

Solution

Upgrade to the patched release most closely related to your current version of BIND 9:

BIND Supported Preview Edition 

CVE-2023-2829, malformed NSEC records can cause named to terminate unexpectedly when synth-from-dnssec is enabled.

An attacker can cause named to terminate abruptly by submitting particular queries to the resolver.

Versions Affected:

BIND Supported Preview Edition

  • 9.16.8-S1 -> 9.16.41-S1
  • 9.18.11-S1 -> 9.18.15-S1

Solution:

BIND Supported Preview Edition:

CVE-2023-2911, exceeding the recursive-clients quota may cause named to terminate unexpectedly when stale-answer-client-timeout is set to 0.

By sending specific queries to the resolver, an attacker can cause named to terminate unexpectedly.

Versions Affected:

BIND

  • 9.16.33 -> 9.16.41
  • 9.18.7 -> 9.18.15

BIND Supported Preview Edition

  • 9.16.33-S1 -> 9.16.41-S1
  • 9.18.11-S1 -> 9.18.15-S1

Solution:

Upgrade to the patched release most closely related to your current version of BIND 9:

BIND Supported Preview Edition:

Affected organizations should review the ISC security advisories and apply the necessary upgrades or fixes.
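A first-pass triage helper for the version ranges listed above, added here as an example and not taken from ISC or the original article. The function names and the sample version banners are assumptions constructed for illustration.

```python
import re

# Inclusive (low, high) ranges copied from the "Versions Affected" lists above.
# "open" = regular BIND 9 releases, "spe" = Supported Preview Edition (-S builds).
AFFECTED = {
    "CVE-2023-2828": {
        "open": [((9, 11, 0), (9, 16, 41)), ((9, 18, 0), (9, 18, 15)),
                 ((9, 19, 0), (9, 19, 13))],
        "spe": [((9, 11, 3), (9, 16, 41)), ((9, 18, 11), (9, 18, 15))],
        "condition": "named running as a resolver",
    },
    "CVE-2023-2829": {
        "open": [],
        "spe": [((9, 16, 8), (9, 16, 41)), ((9, 18, 11), (9, 18, 15))],
        "condition": "synth-from-dnssec enabled",
    },
    "CVE-2023-2911": {
        "open": [((9, 16, 33), (9, 16, 41)), ((9, 18, 7), (9, 18, 15))],
        "spe": [((9, 16, 33), (9, 16, 41)), ((9, 18, 11), (9, 18, 15))],
        "condition": "stale-answer-client-timeout set to 0",
    },
}

# Matches e.g. "9.18.15" or "9.16.41-S1" anywhere in a banner string.
VERSION_RE = re.compile(r"(?<![\d.])(\d+)\.(\d+)\.(\d+)(-S\d+)?")


def parse_version(text):
    """Return ((major, minor, patch), is_preview_edition) from a version banner."""
    m = VERSION_RE.search(text)
    if m is None:
        raise ValueError(f"no BIND version found in {text!r}")
    return tuple(int(p) for p in m.group(1, 2, 3)), m.group(4) is not None


def affected_cves(version_text):
    """Map each CVE whose listed range covers this version to its condition."""
    version, is_spe = parse_version(version_text)
    edition = "spe" if is_spe else "open"
    return {cve: info["condition"] for cve, info in AFFECTED.items()
            if any(low <= version <= high for low, high in info[edition])}


if __name__ == "__main__":
    # Constructed sample banners in the style of `named -v` output.
    for banner in ("BIND 9.18.15 (Extended Support Version)",
                   "BIND 9.16.41-S1", "BIND 9.18.16"):
        print(banner, "->", sorted(affected_cves(banner)) or "not in listed ranges")
```

Distribution packages often backport fixes without changing the upstream version number, so treat a match as a prompt to check the vendor's advisory rather than as proof of exposure.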
