CVE-2024-0760

HIGH

BIND 9 9.18.1-9.18.27, 9.19.0-9.19.24, 9.18.11-S1-9.18.27-S1 - Denial of Service via DNS over TCP Flood

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-0760. PoCs published by SpiralBL0CK.

AI-analyzed exploit summary: This PoC exploits CVE-2024-0760 by sending a large number of DNS queries over TCP to a BIND-compatible server, likely triggering a DoS condition due to resource exhaustion or improper handling of repeated queries.

Description

A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0 through 9.19.24, and 9.18.11-S1 through 9.18.27-S1.

Exploits (1)

nomisec WORKING POC
by SpiralBL0CK · poc
https://github.com/SpiralBL0CK/CVE-2024-0760


Classification: Working PoC 90%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: BIND DNS server (version not specified)
No auth needed
Prerequisites: Network access to the target DNS server
devstral-2 · analyzed Feb 18, 2026

Scores

CVSS v3 7.5
EPSS 0.0468
EPSS Percentile 90.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE CWE-770
Status published
Products (3)
ISC/BIND 9 9.18.1 - 9.18.27
ISC/BIND 9 9.18.11-S1 - 9.18.27-S1
ISC/BIND 9 9.19.0 - 9.19.24
Published Jul 23, 2024
Tracked Since Feb 18, 2026