CVE-2024-0760
CVE Details
Last Update
9/5/24
NIST CVE Summary
A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.
Our Official Summary
A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. In order to exploit this vulnerability, image in which this cve is reported has to be compromised and hacker has to gain privileged access. There are sufficient controls in place to consider the probability of occurrence as low. There is a fix available upstream and we are investigating upgrading to the fixed version.
CVE Severity
Status
Ongoing
Affected Products & Versions
- Palette VerteX 4.4.14
Revision History
- 1.0 09/05/2024 Initial Publication
- 2.0 09/05/2024 Added Palette VerteX 4.4.14 to Affected Products