An issue was discovered in CoreDNS through 1.10.1. There is a vulnerability in DNS resolving software, which triggers a resolver to ignore valid responses, thus causing denial of service for normal resolution. In an exploit, the attacker could just forge a response targeting the source port of a vulnerable resolver without the need to guess the correct TXID.
Metrics
Affected Vendors & Products
References
History
Thu, 19 Sep 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 18 Sep 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An issue was discovered in CoreDNS through 1.10.1. There is a vulnerability in DNS resolving software, which triggers a resolver to ignore valid responses, thus causing denial of service for normal resolution. In an exploit, the attacker could just forge a response targeting the source port of a vulnerable resolver without the need to guess the correct TXID. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-09-18T00:00:00
Updated: 2024-09-18T18:19:21.066Z
Reserved: 2023-03-15T00:00:00
Link: CVE-2023-28452
Vulnrichment
Updated: 2024-09-18T18:19:18.389Z
NVD
Status : Awaiting Analysis
Published: 2024-09-18T15:15:13.957
Modified: 2024-09-20T12:30:17.483
Link: CVE-2023-28452
Redhat
No data.