[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2019-6477Date: (C)2019-11-28   (M)2024-01-17


With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to handle. When a TCP connection with a large number of pipelined queries is closed, the load on the server releasing these multiple resources can cause it to become unresponsive, even for queries that can be answered authoritatively or from cache. (This is most likely to be perceived as an intermittent server problem).

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 7.5CVSS Score : 5.0
Exploit Score: 3.9Exploit Score: 10.0
Impact Score: 3.6Impact Score: 2.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: NETWORKAccess Vector: NETWORK
Attack Complexity: LOWAccess Complexity: LOW
Privileges Required: NONEAuthentication: NONE
User Interaction: NONEConfidentiality: NONE
Scope: UNCHANGEDIntegrity: NONE
Confidentiality: NONEAvailability: PARTIAL
Integrity: NONE 
Availability: HIGH 
  
Reference:
DSA-4689
FEDORA-2019-73a8737068
FEDORA-2019-c703d2304a
https://kb.isc.org/docs/cve-2019-6477
https://support.f5.com/csp/article/K15840535?utm_source=f5support&%3Butm_medium=RSS
https://www.synology.com/security/advisory/Synology_SA_19_39
openSUSE-SU-2020:1699
openSUSE-SU-2020:1701

CPE    3
cpe:/a:isc:bind
cpe:/a:isc:bind:9.11.5:s6:~~supported_preview~~~
cpe:/a:isc:bind:9.11.6:p1
CWE    1
CWE-400
OVAL    21
oval:org.secpod.oval:def:503610
oval:org.secpod.oval:def:64144
oval:org.secpod.oval:def:66806
oval:org.secpod.oval:def:60792
...

© SecPod Technologies