CVE-2019-6477: TCP-pipelined queries can bypass tcp-clients limit
Severity: Medium
Exploitable: Remotely
CVSS Score: 6.5
Versions affected: BIND 9.11.6-P1 -> 9.11.12, 9.12.4-P1 -> 9.12.4-P2, 9.14.1 -> 9.14.7, and versions 9.11.5-S6 -> 9.11.12-S1 of BIND 9 Supported Preview Edition. Versions 9.15.0 -> 9.15.5 of the BIND 9.15 development branch are also affected. Versions prior to BIND 9.11.0 have not been evaluated for vulnerability to CVE-2019-6477.
Work around:
# Disable server TCP pipelining:
keep-response-order { any; };
CVE-2019-6477: TCP-pipelined queries can bypass tcp-clients limit
Work around:
Solution upstream: