Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1.

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7241-1 advisory.

    Toshifumi Sakaguchi discovered that Bind incorrectly handled many records in the additional section. A     remote attacker could possibly use this issue to cause Bind to consume CPU resources, leading to a denial     of service. (CVE-2024-11187)

    Jean-Franois Billaud discovered that the Bind DNS-over-HTTPS implementation incorrectly handled a heavy     query load. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to     a denial of service. (CVE-2024-12705)

Tenable has extracted the preceding description block directly from the Ubuntu security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5854 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-5854-1                   security@debian.org     https://www.debian.org/security/                     Salvatore Bonaccorso     January 29, 2025                      https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : bind9     CVE ID         : CVE-2024-11187 CVE-2024-12705

    Several vulnerabilities were discovered in BIND, a DNS server     implementation, which may result in denial of service.

    For the stable distribution (bookworm), these problems have been fixed in     version 1:9.18.33-1~deb12u2.

    We recommend that you upgrade your bind9 packages.

    For the detailed security status of bind9 please refer to its security     tracker page at:
    https://security-tracker.debian.org/tracker/bind9

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of bind installed on the remote host is prior to 9.18.33 / 9.20.5. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2025-029-01 advisory.

    New bind packages are available for Slackware 15.0 and -current to fix security issues.

Tenable has extracted the preceding description block directly from the bind security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
214790	Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Bind vulnerabilities (USN-7241-1)	Nessus	Ubuntu Local Security Checks	high
214787	Debian dsa-5854 : bind9 - security update	Nessus	Debian Local Security Checks	high
214786	Slackware Linux 15.0 / current bind Multiple Vulnerabilities (SSA:2025-029-01)	Nessus	Slackware Local Security Checks	high

Detections

Analytics

CVE-2024-12705

high

Tenable Plugins

high

high

high