A `named` instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache (RFC 8198) option (`synth-from-dnssec`) enabled can be remotely terminated using a zone with a malformed NSEC record.
This issue affects BIND 9 versions 9.16.8-S1 through 9.16.41-S1 and 9.18.11-S1 through 9.18.15-S1.
References
Link | Resource |
---|---|
https://kb.isc.org/docs/cve-2023-2829 | Vendor Advisory |
https://security.netapp.com/advisory/ntap-20230703-0010/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
History
03 Jul 2023, 19:11
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://kb.isc.org/docs/cve-2023-2829 - Vendor Advisory | |
References | (MISC) https://security.netapp.com/advisory/ntap-20230703-0010/ - Third Party Advisory | |
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:isc:bind:*:*:*:*:supported_preview:*:*:* cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:* cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:* |
|
First Time |
Netapp h410c
Netapp h700s Netapp h410s Firmware Netapp h500s Firmware Netapp h410s Netapp h700s Firmware Isc Isc bind Netapp h410c Firmware Netapp h300s Firmware Netapp h500s Netapp Netapp active Iq Unified Manager Netapp h300s |
03 Jul 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
21 Jun 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-21 17:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-2829
Mitre link : CVE-2023-2829
CVE.ORG link : CVE-2023-2829
JSON object : View
Products Affected
isc
- bind
netapp
- h300s
- h300s_firmware
- h700s_firmware
- h500s_firmware
- h410c_firmware
- h700s
- h500s
- h410s_firmware
- h410s
- h410c
- active_iq_unified_manager
CWE