Preface: Operating system · Linux, NetBSD, FreeBSD, OpenBSD, macOS, Windows · Type · DNS server · License · Mozilla Public License (ISC license before 9.11). Website, www.isc.org/downloads/bind. BIND is the most widely used Domain Name System (DNS).
Alert: A design limitation of BIND let remote attacker could exploit these vulnerabilities to cause a denial-of-service condition. Official details shown as below:
CVE-2019-6467: https://kb.isc.org/docs/cve-2019-6467
CVE-2019-6468: https://kb.isc.org/docs/cve-2019-6468
CVE-2018-5743: https://kb.isc.org/docs/cve-2018-5743
Technical highlight: CVE-2018-5743 flaw impact the limiting simultaneous TCP clients is ineffective. It potentially lead to exhaustion of all available free file descriptors on that system. That is, when you open a file, the operating system creates an entry to represent that file and store the information about that opened file. So if there are 50 files opened in your OS then there will be 50 entries in OS (somewhere in kernel). So it may potential trigger additional unknown vulnerability.
Good blog! I truly love how it is easy on my eyes and the data are well written. I’m wondering how I might be notified whenever a new post has been made. I have subscribed to your feed which must do the trick! Have a great day!