CVE-2024-0760— A flood of DNS messages over TCP may make the server unstable
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-0760
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
A flood of DNS messages over TCP may make the server unstable
Source: NVD (National Vulnerability Database)
Vulnerability Description
A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
ISC BIND 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
ISC BIND是ISC开源的一套实现了DNS协议的开源软件。 ISC BIND 9存在安全漏洞,该漏洞源于TCP上的大量DNS消息可能会使服务器不稳定。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2024-0760
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | CVE-2024-0760 | https://github.com/SpiralBL0CK/CVE-2024-0760 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-0760
请登录查看更多情报信息。
Same Patch Batch · ISC · 2024-07-23 · 4 CVEs total
| CVE-2024-1737 | 7.5 HIGH | BIND's database will be slow if a very large number of RRs exist at the same name |
| CVE-2024-1975 | 7.5 HIGH | SIG(0) can be used to exhaust CPU resources |
| CVE-2024-4076 | 7.5 HIGH | Assertion failure when serving both stale cache data and authoritative zone content |
IV. Related Vulnerabilities
Same product: BIND 9
- CVE-2026-3591
A stack use-after-return flaw in SIG(0) handling code may en - CVE-2026-3119
Authenticated query containing a TKEY record may cause named - CVE-2026-3104
Memory leak in code preparing DNSSEC proofs of non-existence - CVE-2026-1519
Excessive NSEC3 iterations cause high CPU load during insecu - CVE-2025-13878
Malformed BRID/HHIT records can cause named to terminate une
Same vendor: ISC
- CVE-2026-3591
A stack use-after-return flaw in SIG(0) handling code may en - CVE-2026-3119
Authenticated query containing a TKEY record may cause named - CVE-2026-3104
Memory leak in code preparing DNSSEC proofs of non-existence - CVE-2026-1519
Excessive NSEC3 iterations cause high CPU load during insecu - CVE-2026-3608
Stack overflow in Kea daemons
V. Comments for CVE-2024-0760
No comments yet