Race condition

2020-06-0518:15:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.4%

JSON

XACK DNS 1.11.0 to 1.11.4, 1.10.0 to 1.10.8, 1.8.0 to 1.8.23, 1.7.0 to 1.7.18, and versions before 1.7.0 allow remote attackers to cause a denial of service condition resulting in degradation of the recursive resolver’s performance or compromising the recursive resolver as a reflector in a reflection attack.

CPENameOperatorVersion
xack_dnsle1.7.18
xack_dnsge1.8.0
xack_dnsle1.8.23
xack_dnsge1.10.0
xack_dnsle1.10.8
xack_dnsge1.11.0
xack_dnsle1.11.4

Name	Operator	Version
xack_dns	le	1.7.18
xack_dns	ge	1.8.0
xack_dns	le	1.8.23
xack_dns	ge	1.10.0
xack_dns	le	1.10.8
xack_dns	ge	1.11.0
xack_dns	le	1.11.4

References

jvn.jp/en/jp/JVN40208370/index.html

xack.co.jp/info/?ID=622