Description

An issue was discovered in Technitium 11.0.2. There is a vulnerability (called BadDNS) in DNS resolving software, which triggers a resolver to ignore valid responses, thus causing DoS (denial of service) for normal resolution. The effects of an exploit would be widespread and highly impactful, because the attacker could just forge a response targeting the source port of a vulnerable resolver without the need to guess the correct TXID.

INFO

Published Date :

2024-09-18T00:00:00.000Z

Last Modified :

2024-09-18T18:29:11.073Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2023-28451 vulnerability.

Vendors Products
Technitium
  • Dns Server
  • Dnsserver
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-28451.

URL Resource
https://gist.github.com/idealeer/89947ca07836fd0f7e9761198ca9a0f3. cve-icon cve-icon
https://technitium.com/dns/ cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact