/

CVE-2023-2828 Report - Details, Severity, & Advisories...

CVE-2023-2828 Report - Details, Severity, & Advisories

Twingate Team

Jan 25, 2024

CVE-2023-2828 is a high-severity vulnerability affecting certain versions of BIND 9, a widely used Domain Name Server (DNS) software. This vulnerability allows the configured max-cache-size limit to be significantly exceeded, potentially leading to a denial-of-service condition. Systems running the affected versions of BIND 9 are at risk.

How do I know if I'm affected?

If you're using BIND 9, a popular Domain Name Server (DNS) software, you might be affected by the vulnerability. This issue can cause the configured max-cache-size limit to be significantly exceeded, potentially leading to a denial-of-service condition. To know if you're affected, check if you're using any of these versions:

  • BIND: 9.11.0 to 9.16.41, 9.18.0 to 9.18.15, 9.19.0 to 9.19.13

  • BIND Supported Preview Edition: 9.11.3-S1 to 9.16.41-S1, 9.18.11-S1 to 9.18.15-S1

  • Debian 10 buster: bind9 version 1:9.11.5.P4+dfsg-5.1+deb10u9 or earlier

  • Fedora 37 with bind-dyndb-ldap version 11.10-15.fc37

If you're using any of these versions, you may be at risk. It's important to stay informed and take necessary precautions to protect your system.

What should I do if I'm affected?

If you're affected by the vulnerability, it's important to upgrade your BIND 9 software to a patched release. For Debian 10 buster users, upgrade bind9 packages to version 1:9.11.5.P4+dfsg-5.1+deb10u9. Fedora 37 users should update the bind-dyndb-ldap package to version 11.10-15.fc37. Upgrading will help protect your system from potential denial-of-service attacks.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The vulnerability, also known as the BIND 9 Cache Size Limit Bypass Vulnerability, is not listed in CISA's Known Exploited Vulnerabilities Catalog. This high-severity issue allows the configured max-cache-size limit to be significantly exceeded, potentially leading to a denial-of-service condition. To protect your system, it's important to update to a non-vulnerable version of BIND or apply the necessary patches provided by the vendor.

Weakness enumeration

The weakness enumeration for this vulnerability is categorized as CWE-770, which can cause the configured cache size limit to be significantly exceeded, potentially leading to a denial-of-service attack.

For more details

CVE-2023-2828 is a high-severity vulnerability affecting BIND 9, with potential consequences such as denial-of-service attacks. By understanding its impact, severity, technical details, and affected software configurations, users can take appropriate measures to protect their systems. For a comprehensive overview of this vulnerability, visit the NVD page or the links below.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

CVE-2023-2828 Report - Details, Severity, & Advisories...

CVE-2023-2828 Report - Details, Severity, & Advisories

Twingate Team

Jan 25, 2024

CVE-2023-2828 is a high-severity vulnerability affecting certain versions of BIND 9, a widely used Domain Name Server (DNS) software. This vulnerability allows the configured max-cache-size limit to be significantly exceeded, potentially leading to a denial-of-service condition. Systems running the affected versions of BIND 9 are at risk.

How do I know if I'm affected?

If you're using BIND 9, a popular Domain Name Server (DNS) software, you might be affected by the vulnerability. This issue can cause the configured max-cache-size limit to be significantly exceeded, potentially leading to a denial-of-service condition. To know if you're affected, check if you're using any of these versions:

  • BIND: 9.11.0 to 9.16.41, 9.18.0 to 9.18.15, 9.19.0 to 9.19.13

  • BIND Supported Preview Edition: 9.11.3-S1 to 9.16.41-S1, 9.18.11-S1 to 9.18.15-S1

  • Debian 10 buster: bind9 version 1:9.11.5.P4+dfsg-5.1+deb10u9 or earlier

  • Fedora 37 with bind-dyndb-ldap version 11.10-15.fc37

If you're using any of these versions, you may be at risk. It's important to stay informed and take necessary precautions to protect your system.

What should I do if I'm affected?

If you're affected by the vulnerability, it's important to upgrade your BIND 9 software to a patched release. For Debian 10 buster users, upgrade bind9 packages to version 1:9.11.5.P4+dfsg-5.1+deb10u9. Fedora 37 users should update the bind-dyndb-ldap package to version 11.10-15.fc37. Upgrading will help protect your system from potential denial-of-service attacks.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The vulnerability, also known as the BIND 9 Cache Size Limit Bypass Vulnerability, is not listed in CISA's Known Exploited Vulnerabilities Catalog. This high-severity issue allows the configured max-cache-size limit to be significantly exceeded, potentially leading to a denial-of-service condition. To protect your system, it's important to update to a non-vulnerable version of BIND or apply the necessary patches provided by the vendor.

Weakness enumeration

The weakness enumeration for this vulnerability is categorized as CWE-770, which can cause the configured cache size limit to be significantly exceeded, potentially leading to a denial-of-service attack.

For more details

CVE-2023-2828 is a high-severity vulnerability affecting BIND 9, with potential consequences such as denial-of-service attacks. By understanding its impact, severity, technical details, and affected software configurations, users can take appropriate measures to protect their systems. For a comprehensive overview of this vulnerability, visit the NVD page or the links below.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

CVE-2023-2828 Report - Details, Severity, & Advisories

Twingate Team

Jan 25, 2024

CVE-2023-2828 is a high-severity vulnerability affecting certain versions of BIND 9, a widely used Domain Name Server (DNS) software. This vulnerability allows the configured max-cache-size limit to be significantly exceeded, potentially leading to a denial-of-service condition. Systems running the affected versions of BIND 9 are at risk.

How do I know if I'm affected?

If you're using BIND 9, a popular Domain Name Server (DNS) software, you might be affected by the vulnerability. This issue can cause the configured max-cache-size limit to be significantly exceeded, potentially leading to a denial-of-service condition. To know if you're affected, check if you're using any of these versions:

  • BIND: 9.11.0 to 9.16.41, 9.18.0 to 9.18.15, 9.19.0 to 9.19.13

  • BIND Supported Preview Edition: 9.11.3-S1 to 9.16.41-S1, 9.18.11-S1 to 9.18.15-S1

  • Debian 10 buster: bind9 version 1:9.11.5.P4+dfsg-5.1+deb10u9 or earlier

  • Fedora 37 with bind-dyndb-ldap version 11.10-15.fc37

If you're using any of these versions, you may be at risk. It's important to stay informed and take necessary precautions to protect your system.

What should I do if I'm affected?

If you're affected by the vulnerability, it's important to upgrade your BIND 9 software to a patched release. For Debian 10 buster users, upgrade bind9 packages to version 1:9.11.5.P4+dfsg-5.1+deb10u9. Fedora 37 users should update the bind-dyndb-ldap package to version 11.10-15.fc37. Upgrading will help protect your system from potential denial-of-service attacks.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The vulnerability, also known as the BIND 9 Cache Size Limit Bypass Vulnerability, is not listed in CISA's Known Exploited Vulnerabilities Catalog. This high-severity issue allows the configured max-cache-size limit to be significantly exceeded, potentially leading to a denial-of-service condition. To protect your system, it's important to update to a non-vulnerable version of BIND or apply the necessary patches provided by the vendor.

Weakness enumeration

The weakness enumeration for this vulnerability is categorized as CWE-770, which can cause the configured cache size limit to be significantly exceeded, potentially leading to a denial-of-service attack.

For more details

CVE-2023-2828 is a high-severity vulnerability affecting BIND 9, with potential consequences such as denial-of-service attacks. By understanding its impact, severity, technical details, and affected software configurations, users can take appropriate measures to protect their systems. For a comprehensive overview of this vulnerability, visit the NVD page or the links below.