You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2023 3341
About this tag
CVE-2023-3341 is a critical denial-of-service vulnerability in ISC BIND 9, one of the most widely deployed DNS server implementations. The flaw resides in the control-channel parsing logic, where a deep, remotely exploitable error can exhaust the process stack and crash the named daemon. Attackers with network access to the control port can trigger this condition, leading to service disruption. The vulnerability was disclosed in September 2023, and patches are available from ISC. Administrators are advised to apply updates or restrict access to the control channel to mitigate risk. This tag covers discussions on the vulnerability's impact, exploitation, and remediation steps for BIND 9 deployments.
A deep, remotely exploitable flaw in ISC BIND 9’s control-channel parsing can exhaust a process’s stack and crash the DNS daemon named, allowing attackers with network access to the control port to trigger a denial-of-service condition unless systems are patched or access is restricted...