mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
154 lines
5.9 KiB
JSON
154 lines
5.9 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2024-1737",
|
|
"ASSIGNER": "security-officer@isc.org",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname (of any RTYPE) can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name.\nThis issue affects BIND 9 versions 9.11.0 through 9.11.37, 9.16.0 through 9.16.50, 9.18.0 through 9.18.27, 9.19.0 through 9.19.24, 9.11.4-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.50-S1, and 9.18.11-S1 through 9.18.27-S1."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "ISC",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "BIND 9",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "<=",
|
|
"version_name": "9.11.0",
|
|
"version_value": "9.11.37"
|
|
},
|
|
{
|
|
"version_affected": "<=",
|
|
"version_name": "9.16.0",
|
|
"version_value": "9.16.50"
|
|
},
|
|
{
|
|
"version_affected": "<=",
|
|
"version_name": "9.18.0",
|
|
"version_value": "9.18.27"
|
|
},
|
|
{
|
|
"version_affected": "<=",
|
|
"version_name": "9.19.0",
|
|
"version_value": "9.19.24"
|
|
},
|
|
{
|
|
"version_affected": "<=",
|
|
"version_name": "9.11.4-S1",
|
|
"version_value": "9.11.37-S1"
|
|
},
|
|
{
|
|
"version_affected": "<=",
|
|
"version_name": "9.16.8-S1",
|
|
"version_value": "9.16.50-S1"
|
|
},
|
|
{
|
|
"version_affected": "<=",
|
|
"version_name": "9.18.11-S1",
|
|
"version_value": "9.18.27-S1"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://kb.isc.org/docs/cve-2024-1737",
|
|
"refsource": "MISC",
|
|
"name": "https://kb.isc.org/docs/cve-2024-1737"
|
|
},
|
|
{
|
|
"url": "https://kb.isc.org/docs/rrset-limits-in-zones",
|
|
"refsource": "MISC",
|
|
"name": "https://kb.isc.org/docs/rrset-limits-in-zones"
|
|
},
|
|
{
|
|
"url": "http://www.openwall.com/lists/oss-security/2024/07/23/1",
|
|
"refsource": "MISC",
|
|
"name": "http://www.openwall.com/lists/oss-security/2024/07/23/1"
|
|
},
|
|
{
|
|
"url": "http://www.openwall.com/lists/oss-security/2024/07/31/2",
|
|
"refsource": "MISC",
|
|
"name": "http://www.openwall.com/lists/oss-security/2024/07/31/2"
|
|
}
|
|
]
|
|
},
|
|
"source": {
|
|
"discovery": "EXTERNAL"
|
|
},
|
|
"work_around": [
|
|
{
|
|
"lang": "en",
|
|
"value": "No workarounds known."
|
|
}
|
|
],
|
|
"exploit": [
|
|
{
|
|
"lang": "en",
|
|
"value": "We are not aware of any active exploits."
|
|
}
|
|
],
|
|
"solution": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Upgrade to the patched release most closely related to your current version of BIND 9: 9.18.28, 9.20.0, or 9.18.28-S1."
|
|
}
|
|
],
|
|
"credits": [
|
|
{
|
|
"lang": "en",
|
|
"value": "ISC would like to thank Toshifumi Sakaguchi for bringing this vulnerability to our attention."
|
|
}
|
|
],
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"version": "3.1",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "HIGH",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"baseScore": 7.5,
|
|
"baseSeverity": "HIGH"
|
|
}
|
|
]
|
|
}
|
|
} |