cve/CVE-2023-50387.md at b8bb3913ae5ed6689c69f4d953bda7435b2f2da7

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 6100550298 Update CVE sources 2024-06-22 09:37

2024-06-22 09:37:59 +00:00

Description

Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.

POC

Reference

https://www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-researchers/

Github

https://github.com/GitHubForSnap/knot-resolver-gael
https://github.com/GrigGM/05-virt-04-docker-hw
https://github.com/fkie-cad/nvd-json-data-feeds
https://github.com/fokypoky/places-list
https://github.com/giterlizzi/secdb-feeds
https://github.com/hackingyseguridad/dnssec
https://github.com/knqyf263/CVE-2023-50387
https://github.com/marklogic/marklogic-docker
https://github.com/nomi-sec/PoC-in-GitHub

1.3 KiB Raw Blame History

CVE-2023-50387

Description

POC

Reference

Github

1.3 KiB

Raw Blame History