Showing 1 - 13 of 13

CVE-2023-3341

Status Candidate

Overview

The code that processes control channel messages sent to `named` calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory, causing `named` to terminate unexpectedly. Since each incoming control channel message is fully parsed before its contents are authenticated, exploiting this flaw does not require the attacker to hold a valid RNDC key; only network access to the control channel's configured TCP port is necessary. This issue affects BIND 9 versions 9.2.0 through 9.16.43, 9.18.0 through 9.18.18, 9.19.0 through 9.19.16, 9.9.3-S1 through 9.16.43-S1, and 9.18.0-S1 through 9.18.18-S1.

Related Files

Red Hat Security Advisory 2023-5771-01: Posted Oct 17, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-5771-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, protocol; systems | linux, redhat; advisories | CVE-2023-3341; SHA-256 | af194c6df8cfaa1ab3dbeb343af35d63f04ba586031d82f0f4a5fc2d225b5647; Download | Favorite | View

Red Hat Security Advisory 2023-5691-01: Posted Oct 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-5691-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, protocol; systems | linux, redhat; advisories | CVE-2023-3341; SHA-256 | ef0fccfa13f0088c8c7983b6384bc122d539eeec962b4c7c6f446bebe2021f98; Download | Favorite | View

Red Hat Security Advisory 2023-5690-01: Posted Oct 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-5690-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, protocol; systems | linux, redhat; advisories | CVE-2023-3341; SHA-256 | db57c7cd9d1e1aef9441327061772b925a649c708263740e311af85b1caaee97; Download | Favorite | View

Red Hat Security Advisory 2023-5689-01: Posted Oct 13, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-5689-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, protocol; systems | linux, redhat; advisories | CVE-2023-3341; SHA-256 | 9f89b632a4ba1ce9ee66daefae3bbd565e3b847365e39bd7efcbb103eec4bde1; Download | Favorite | View

Red Hat Security Advisory 2023-5527-01: Posted Oct 10, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-5527-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, protocol; systems | linux, redhat; advisories | CVE-2023-3341; SHA-256 | 3418eadaa4fb2fc4310cbd19546049419249f12bb341927d8b4c9defb24d14c0; Download | Favorite | View

Red Hat Security Advisory 2023-5529-01: Posted Oct 10, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-5529-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, protocol; systems | linux, redhat; advisories | CVE-2023-3341; SHA-256 | 8667758bff71bea719bffdf4aa796c1ee02fb0f8b8c79a7360f80aab0c494d51; Download | Favorite | View

Red Hat Security Advisory 2023-5526-01: Posted Oct 10, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-5526-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, protocol; systems | linux, redhat; advisories | CVE-2023-3341; SHA-256 | ef060f8816a3c5c48181d77caf64f9416fd668e0976c0c1a69f57e57deee5bf9; Download | Favorite | View

Ubuntu Security Notice USN-6421-1: Posted Oct 9, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6421-1 - It was discovered that Bind incorrectly handled certain control channel messages. A remote attacker with access to the control channel could possibly use this issue to cause Bind to crash, resulting in a denial of service.; tags | advisory, remote, denial of service; systems | linux, ubuntu; advisories | CVE-2023-3341; SHA-256 | 16de65c7aa51273ab7badf3eb25eb0e019362a758426776599b21be001099910; Download | Favorite | View

Red Hat Security Advisory 2023-5474-01: Posted Oct 6, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-5474-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, protocol; systems | linux, redhat; advisories | CVE-2023-3341; SHA-256 | ae46341219b2d0e6de1635536f5b62db8bb572a2cadfdcb004e931d3ac4f6991; Download | Favorite | View

Red Hat Security Advisory 2023-5473-01: Posted Oct 6, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-5473-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, protocol; systems | linux, redhat; advisories | CVE-2023-3341; SHA-256 | 22909898443e5e5c543149af206aabaf72b9f70299add97dce4cddb992e72948; Download | Favorite | View

Red Hat Security Advisory 2023-5460-01: Posted Oct 6, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-5460-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service, protocol; systems | linux, redhat; advisories | CVE-2023-3341; SHA-256 | e6c7e7a5c6631b9c8541229fc5811f94729dedc53b71a7c39fc90c59dd5697db; Download | Favorite | View

Debian Security Advisory 5504-1: Posted Sep 25, 2023; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5504-1 - Several vulnerabilities were discovered in BIND, a DNS server implementation.; tags | advisory, vulnerability; systems | linux, debian; advisories | CVE-2023-3341, CVE-2023-4236; SHA-256 | d08a45f75291405aa2fc709f550a23b9901e1dce097ebf1ca545a9a498d0dbd8; Download | Favorite | View

Ubuntu Security Notice USN-6390-1: Posted Sep 21, 2023; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6390-1 - It was discovered that Bind incorrectly handled certain control channel messages. A remote attacker with access to the control channel could possibly use this issue to cause Bind to crash, resulting in a denial of service. Robert Story discovered that Bind incorrectly handled certain DNS-over-TLS queries. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04.; tags | advisory, remote, denial of service; systems | linux, ubuntu; advisories | CVE-2023-3341, CVE-2023-4236; SHA-256 | e4041908fd214dd1780282d9e6d3057954c45306f5a3646b3c1109ebf89ef79a; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 227 files
indoushka 136 files
Ubuntu 66 files
Gentoo 33 files
Debian 27 files
Sebastian Hamann 8 files
Jann Horn 7 files
Moritz Abrell 6 files
Jaggar Henry 6 files
Google Security Research 6 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,929)
Debian (7,112)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (380)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,946)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,659)
Slackware (941)
Solaris (1,612)
SUSE (1,444)
Ubuntu (9,784)
UNIX (9,443)
UnixWare (187)
Windows (6,680)
Other

CVE-2023-3341

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems