CVSS: 7.5EPSS: 5%CPEs: 21EXPL: 1CVE-2023-50387 – bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator
https://notcve.org/view.php?id=CVE-2023-50387
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records. Ciertos aspectos DNSSEC del protocolo DNS (en RFC 4035 y RFC relacionados) permiten a atacantes remotos provocar una denegación de servicio (consumo de CPU) a través de una o más respuestas DNSSEC cuando hay una zona con muchos registros DNSKEY y RRSIG, también conocido como "KeyTrap". " asunto. La especificación del protocolo implica que un algoritmo debe evaluar todas las combinaciones de registros DNSKEY y RRSIG. Processing specially crafted responses coming from DNSSEC-signed zones can lead to uncontrolled CPU usage, leading to a Denial of Service in the DNSSEC-validating resolver side. This vulnerability applies only for systems where DNSSEC validation is enabled. • https://github.com/knqyf263/CVE-2023-50387 http://www.openwall.com/lists/oss-security/2024/02/16/2 http://www.openwall.com/lists/oss-security/2024/02/16/3 https://access.redhat.com/security/cve/CVE-2023-50387 https://bugzilla.suse.com/show_bug.cgi?id=1219823 https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1 https://kb.isc.org/docs/cve-2023-50387 https://lists&# • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39916 – Possible path traversal when storing RRDP responses
https://notcve.org/view.php?id=CVE-2023-39916
NLnet Labs’ Routinator 0.9.0 up to and including 0.12.1 contains a possible path traversal vulnerability in the optional, off-by-default keep-rrdp-responses feature that allows users to store the content of responses received for RRDP requests. The location of these stored responses is constructed from the URL of the request. Due to insufficient sanitation of the URL, it is possible for an attacker to craft a URL that results in the response being stored outside of the directory specified for it. Routinator 0.9.0 de NLnet Labs hasta 0.12.1 inclusive contiene una posible vulnerabilidad de Path Traversal en la función opcional keep-rrdp-responses, desactivada por defecto, que permite a los usuarios almacenar el contenido de las respuestas recibidas para solicitudes RRDP. La ubicación de estas respuestas almacenadas se construye a partir de la URL de la solicitud. • https://nlnetlabs.nl/downloads/routinator/CVE-2023-39916.txt • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-35: Path Traversal: '.../ •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39915 – Crashes on parsing certain invalid RPKI objects
https://notcve.org/view.php?id=CVE-2023-39915
NLnet Labs’ Routinator up to and including version 0.12.1 may crash when trying to parse certain malformed RPKI objects. This is due to insufficient input checking in the bcder library covered by CVE-2023-39914. El Routinator de NLnet Labs hasta la versión 0.12.1 incluida puede fallar al intentar analizar ciertos objetos RPKI con formato incorrecto. Esto se debe a una verificación de entrada insuficiente en la biblioteca bder cubierta por CVE-2023-39914. NLnet Labs' Routinator up to and including version 0.12.1 may crash when trying to parse certain malformed RPKI objects. • https://nlnetlabs.nl/downloads/routinator/CVE-2023-39915.txt • CWE-228: Improper Handling of Syntactically Invalid Structure CWE-232: Improper Handling of Undefined Values CWE-240: Improper Handling of Inconsistent Structural Elements •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39914 – BER/CER/DER decoder panics on invalid input
https://notcve.org/view.php?id=CVE-2023-39914
NLnet Labs’ bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding. La biblioteca bder de NLnet Labs hasta la versión 0.7.2 incluida entra en pánico al decodificar ciertos datos de entrada no válidos en lugar de rechazar los datos con un error. Esto puede afectar tanto a la etapa de decodificación real como al acceso a contenidos de tipos que utilizaron decodificación retrasada. NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. • https://nlnetlabs.nl/downloads/bcder/CVE-2023-39914.txt • CWE-228: Improper Handling of Syntactically Invalid Structure CWE-232: Improper Handling of Undefined Values CWE-240: Improper Handling of Inconsistent Structural Elements •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-0158 – Triggered crash on direct RRDP access
https://notcve.org/view.php?id=CVE-2023-0158
NLnet Labs Krill supports direct access to the RRDP repository content through its built-in web server at the "/rrdp" endpoint. Prior to 0.12.1 a direct query for any existing directory under "/rrdp/", rather than an RRDP file such as "/rrdp/notification.xml" as would be expected, causes Krill to crash. If the built-in "/rrdp" endpoint is exposed directly to the internet, then malicious remote parties can cause the publication server to crash. The repository content is not affected by this, but the availability of the server and repository can cause issues if this attack is persistent and is not mitigated. NLnet Labs Krill admite el acceso directo al contenido del repositorio RRDP a través de su servidor web integrado en el endpoint "/rrdp". • https://www.nlnetlabs.nl/downloads/krill/CVE-2023-0158.txt • CWE-248: Uncaught Exception •