@idealeer
Last active September 18, 2024 02:09
Information for CVE-2023-28452, CVE-2023-30464
CVE-2023-28452
> [Suggested description]
> An issue was discovered in CoreDNS through 1.10.1.
> There is a vulnerability (called TuDoor Attack) in DNS resolving software,
> which triggers a resolver to ignore valid responses, thus causing DoS
> (denial of service) for normal resolution. The effects of an exploit
> would be widespread and highly impactful, because the attacker could just
> forge a response targeting the source port of a vulnerable resolver
> without the need to guess the correct TXID.
>
> ------------------------------------------
>
> [Additional Information]
> CoreDNS is an individual vendor.
>
> ------------------------------------------
>
> [VulnerabilityType Other]
> DoS
>
> ------------------------------------------
>
> [Vendor of Product]
> CoreDNS
>
> ------------------------------------------
>
> [Affected Product Code Base]
> CoreDNS - <=1.10.1
>
> ------------------------------------------
>
> [Affected Component]
> CoreDNS with the latest version
>
> ------------------------------------------
>
> [Attack Type]
> Remote
>
> ------------------------------------------
>
> [Impact Denial of Service]
> true
>
> ------------------------------------------
>
> [Attack Vectors]
> Attackers inject a malformed response to the correct source port by brute-forcing and without the need of guessing the correct txid.
>
> ------------------------------------------
>
> [Reference]
> https://github.com/coredns/coredns/pull/6014
> Please search: Continue waiting after receiving malformed responses
> https://www.computer.org/csdl/proceedings-article/sp/2024/313000a181/1V28Z5fBEVG
> ------------------------------------------
>
> [Discoverer]
> Xiang Li from NISL Lab of Tsinghua University
CVE-2023-30464
> [Suggested description]
> CoreDNS through 1.10.1 enables attackers to achieve DNS cache poisoning
> (TuDoor for birthday-based cache poisoning) and inject fake responses via a
> birthday attack.
> ------------------------------------------
>
> [Additional Information]
> CoreDNS is an individual vendor.
>
> ------------------------------------------
>
> [VulnerabilityType Other]
> CAPEC-142: DNS Cache Poisoning
>
> ------------------------------------------
>
> [Vendor of Product]
> CoreDNS
>
> ------------------------------------------
>
> [Affected Product Code Base]
> CoreDNS - <=1.10.1
>
> ------------------------------------------
>
> [Affected Component]
> CoreDNS with the latest version
>
> ------------------------------------------
>
> [Attack Type]
> Remote
>
> ------------------------------------------
>
> [CVE Impact Other]
> DNS cache poisoning
>
> ------------------------------------------
>
> [Attack Vectors]
> Attackers send a query to CoreDNS and inject fake DNS responses to poison the CoreDNS server.
>
> ------------------------------------------
>
> [Reference]
> https://coredns.io/
> https://www.computer.org/csdl/proceedings-article/sp/2024/313000a181/1V28Z5fBEVG
> ------------------------------------------
>
> [Discoverer]
> Xiang Li from NISL Lab of Tsinghua University