CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
54.0%
The vulnerability in the BIND DNS server is related to a stack buffer overflow when BIND is acting as a “resolver” when the number of recursive queries has reached an acceptable maximum and the server settings have been configured.
“resolver”, when the number of recursive queries has reached an acceptable maximum and the server settings
allow previously cached responses to be returned. Exploitation of the vulnerability could allow an attacker,
acting remotely to cause a denial of service.
The vulnerability in the DNS BIND server is related to the application not properly controlling the consumption of internal resources.
of internal resources. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service.
the amount of memory used by the named resolver beyond the configured
maximum cache size.