- Article Number: 000017854
- Products: Sidewinder
- Version: 8.3, 7.0
- Last Published Date: November 27, 2019
CVE-2019-6477 – Medium
KBA Detailed Information
The following description is from the Internet Systems Consortium (ISC).
By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The update to this functionality introduced by CVE-2018-5743 changed how BIND calculates the number of concurrent TCP clients from counting the outstanding TCP queries to counting the TCP client connections. On a server with TCP-pipelining capability, it is possible for one TCP client to send a large number of DNS requests over a single connection. Each outstanding query will be handled internally as an independent client request, thus bypassing the new TCP clients limit.
Hotfix and Information About Other Fixes
The following patches are available to resolve these vulnerabilities:
Sidewinder download information
User name: atl-963845ro User password: 34bT4hF3AFJn Server name: csftp.us.stonesoft.comhttps://csftp.us.stonesoft.com