Search criteria
69 vulnerabilities found for data_ontap_edge by netapp
FKIE_CVE-2018-5740
Vulnerability from fkie_nvd - Published: 2019-01-16 20:29 - Updated: 2024-11-21 04:09
Severity ?
Summary
"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| isc | bind | * | |
| isc | bind | * | |
| isc | bind | * | |
| isc | bind | * | |
| isc | bind | * | |
| isc | bind | * | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_server_eus | 7.6 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| netapp | data_ontap_edge | - | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| hp | hp-ux | - | |
| opensuse | leap | 15.0 | |
| opensuse | leap | 15.1 | |
| opensuse | leap | 42.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCCA7B30-3344-4718-8B34-FE60CCE4487C",
"versionEndExcluding": "9.8.8",
"versionStartIncluding": "9.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F17A1AB-48E7-48B7-97CC-BD270649F856",
"versionEndExcluding": "9.9.13",
"versionStartIncluding": "9.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF340133-E86A-4A6D-9775-E66B46829700",
"versionEndExcluding": "9.10.8",
"versionStartIncluding": "9.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94AD1D77-45DD-49F2-AA16-6E3A3BF8F5C9",
"versionEndExcluding": "9.11.4",
"versionStartIncluding": "9.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5464FDED-E02B-486F-8699-CB7B9D623A59",
"versionEndExcluding": "9.12.2",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0484A7C1-5E99-49A6-BE21-BB201D2D0EFA",
"versionEndExcluding": "9.13.2",
"versionStartIncluding": "9.13.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F480AA32-841A-4E68-9343-B2E7548B0A0C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\"deny-answer-aliases\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2."
},
{
"lang": "es",
"value": "\"deny-answer-aliases\" es una caracter\u00edstica poco utilizada que pretende ayudar a los operadores recursivos del servidor a proteger a los usuarios finales contra ataques de reenlace DNS, un m\u00e9todo para poder eludir el modelo de seguridad empleado por los navegadores del cliente. Sin embargo, un defecto en esta caracter\u00edstica hace que sea sencillo experimentar un fallo de aserci\u00f3n en name.c. Afecta a BIND desde la versi\u00f3n 9.7.0 hasta la versi\u00f3n 9.8.8, desde la versi\u00f3n 9.9.0 hasta la versi\u00f3n 9.9.13, desde la versi\u00f3n 9.10.0 hasta la versi\u00f3n 9.10.8, desde la versi\u00f3n 9.11.0 hasta la versi\u00f3n 9.11.4, desde la versi\u00f3n 9.12.0 hasta la versi\u00f3n 9.12.2 y desde la versi\u00f3n 9.13.0 hasta la versi\u00f3n 9.13.2."
}
],
"id": "CVE-2018-5740",
"lastModified": "2024-11-21T04:09:17.547",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security-officer@isc.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-16T20:29:01.017",
"references": [
{
"source": "security-officer@isc.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html"
},
{
"source": "security-officer@isc.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105055"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041436"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2570"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2571"
},
{
"source": "security-officer@isc.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01639"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html"
},
{
"source": "security-officer@isc.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-13"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0003/"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3769-1/"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3769-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041436"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2571"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3769-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3769-2/"
}
],
"sourceIdentifier": "security-officer@isc.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-3136
Vulnerability from fkie_nvd - Published: 2019-01-16 20:29 - Updated: 2024-11-21 03:24
Severity ?
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -> 9.8.8-P1, 9.9.0 -> 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.0 -> 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0 -> 9.11.0-P3, 9.11.1b1->9.11.1rc1, 9.9.3-S1 -> 9.9.9-S8.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BCD9327-F097-49B8-BEFF-07785EE8BB6D",
"versionEndIncluding": "9.8.8",
"versionStartIncluding": "9.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4418EDD7-AC58-48A3-BE65-273C0E8222E3",
"versionEndIncluding": "9.9.9",
"versionStartIncluding": "9.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1DE78F6-B88E-44A7-BECD-B78B7E9052C1",
"versionEndIncluding": "9.10.4",
"versionStartIncluding": "9.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "25855A5C-302F-4A82-AEC1-8C4C9CB70362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "86C1A668-D648-4E72-876B-E72D341003D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "0CFD0CE9-FE4D-4FB3-9486-36FA1A4FADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "E134536A-0F48-4F54-8399-5EF4C09BFF85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "63C9ED44-1207-4BE6-B5BB-56D198DC0C19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:p5:*:*:*:*:*:*",
"matchCriteriaId": "561BF14D-8D6A-4DDB-82BB-6B8EBF34C326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.0:p6:*:*:*:*:*:*",
"matchCriteriaId": "931DBFCE-F071-490F-867F-52A150DBD245",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7BE793-7717-4019-8F50-158C309E48B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:*:*:*",
"matchCriteriaId": "FCC182A9-5989-4A87-A3BA-F1CFAEDC95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.10:beta1:*:*:*:*:*:*",
"matchCriteriaId": "9C8F0163-FF32-44E0-B05C-F89263CD56A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "94C0C9FC-5CCF-4AD7-8D83-7B579102F7E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "BB2D2132-62E8-4E73-A0BF-4790DAFC5558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p2:*:*:*:*:*:*",
"matchCriteriaId": "E253BD9F-25B8-42E7-BEAB-E843381ED155",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p3:*:*:*:*:*:*",
"matchCriteriaId": "6B5E42E5-27C6-4D6F-B7DC-903B10BF2017",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p4:*:*:*:*:*:*",
"matchCriteriaId": "7E211374-A4F5-41D4-A89E-E6522E9D0DFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p5:*:*:*:*:*:*",
"matchCriteriaId": "21CC7BA7-6D75-4561-ACF3-F1F61A0CBA62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p6:*:*:*:*:*:*",
"matchCriteriaId": "70586A2A-AA52-48F5-B2B0-390CA77807E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.5:b1:*:*:*:*:*:*",
"matchCriteriaId": "8C5A0370-9490-40CC-84E8-EEE95A6F233B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CEC78396-4667-4A45-8DBD-0D0C2AAE1549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3160C5ED-75EA-47B2-998E-EDFC46B37DDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "086C327B-DF9F-4D4E-A538-1E29FEDC34C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "1440B408-76B6-4FA7-899D-E28049A37704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "4D50373F-C1C4-4EC9-B94F-854C3444717D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.1:beta1:*:*:*:*:*:*",
"matchCriteriaId": "CE6ED392-74B9-487E-83B0-ECAAEEAB3AB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "EEA791E2-27E0-49C5-9823-0C57647C788F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8."
},
{
"lang": "es",
"value": "Una consulta con un conjunto determinado de caracter\u00edsticas podr\u00eda provocar que un servidor que emplea DNS64 se encuentre con un fallo de aserci\u00f3n y termine. Un atacante podr\u00eda construir deliberadamente una consulta, habilitando una denegaci\u00f3n de servicio (DoS) contra un servidor si est\u00e1 configurado para emplear la caracter\u00edstica DNS64 y se cumplen otras precondiciones. Afecta a BIND desde la versi\u00f3n 9.8.0 hasta la9.8.8-P1, desde la versi\u00f3n 9.9.0 hasta la 9.9.9-P6, desde la versi\u00f3n 9.9.10b1 hasta la 9.9.10rc1, desde la versi\u00f3n 9.10.0 hasta la 9.10.4-P6, desde la versi\u00f3n 9.10.5b1 hasta la 9.10.5rc1, desde la versi\u00f3n 9.11.0 hasta la 9.11.0-P3, desde la versi\u00f3n 9.11.1b1 hasta la 9.11.1rc1 y desde la versi\u00f3n 9.9.3-S1 hasta 9.9.9-S8."
}
],
"id": "CVE-2017-3136",
"lastModified": "2024-11-21T03:24:54.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "security-officer@isc.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-16T20:29:00.313",
"references": [
{
"source": "security-officer@isc.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"source": "security-officer@isc.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97653"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038259"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"source": "security-officer@isc.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01465"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97653"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01465"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
}
],
"sourceIdentifier": "security-officer@isc.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2018-5736
Vulnerability from fkie_nvd - Published: 2019-01-16 20:29 - Updated: 2024-11-21 04:09
Severity ?
Summary
An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. This defect could be deliberately exercised by an attacker who is permitted to cause a vulnerable server to initiate zone transfers (for example: by sending valid NOTIFY messages), causing the named process to exit after failing the assertion test. Affects BIND 9.12.0 and 9.12.1.
References
| URL | Tags | ||
|---|---|---|---|
| security-officer@isc.org | http://www.securityfocus.com/bid/104386 | Third Party Advisory, VDB Entry | |
| security-officer@isc.org | http://www.securitytracker.com/id/1040941 | Third Party Advisory, VDB Entry | |
| security-officer@isc.org | https://kb.isc.org/docs/aa-01602 | Vendor Advisory | |
| security-officer@isc.org | https://security.netapp.com/advisory/ntap-20180926-0004/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104386 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040941 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.isc.org/docs/aa-01602 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20180926-0004/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| isc | bind | 9.12.0 | |
| isc | bind | 9.12.1 | |
| netapp | cloud_backup | - | |
| netapp | data_ontap_edge | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:9.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DCE4BD2-2256-473F-B17F-192CAC145DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "440CFE40-C9B7-4E6E-800D-DD595F8FC38E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. This defect could be deliberately exercised by an attacker who is permitted to cause a vulnerable server to initiate zone transfers (for example: by sending valid NOTIFY messages), causing the named process to exit after failing the assertion test. Affects BIND 9.12.0 and 9.12.1."
},
{
"lang": "es",
"value": "Un error en el conteo de la base de datos de la zona puede conducir a un fallo de aserci\u00f3n si un servidor que est\u00e1 ejecutando una versi\u00f3n afectada de BIND intenta realizar varias transferencias hacia una zona esclava en r\u00e1pida sucesi\u00f3n. Este defecto podr\u00eda ser aprovechado deliberadamente por un atacante al que se le permite hacer que un servidor vulnerable inicie transferencias de zona (por ejemplo, mediante el env\u00edo de mensajes NOTIFY v\u00e1lidos), lo que provoca que el proceso named se cierre tras fallar la prueba de aserci\u00f3n. Afecta a BIND en versiones 9.12.0 y 9.12.1."
}
],
"id": "CVE-2018-5736",
"lastModified": "2024-11-21T04:09:16.990",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-16T20:29:00.830",
"references": [
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104386"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040941"
},
{
"source": "security-officer@isc.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01602"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0004/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104386"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040941"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0004/"
}
],
"sourceIdentifier": "security-officer@isc.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-3137
Vulnerability from fkie_nvd - Published: 2019-01-16 20:29 - Updated: 2024-11-21 03:24
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0-P3, 9.11.1b1->9.11.1rc1, and 9.9.9-S8.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:9.9.9:p6:*:*:*:*:*:*",
"matchCriteriaId": "2BDE2752-E5CD-4AE6-A404-2C209F942B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.9:s8:*:*:*:*:*:*",
"matchCriteriaId": "0FE9D5AE-65D4-4744-9789-09AE3B1F4BAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.10:beta1:*:*:*:*:*:*",
"matchCriteriaId": "9C8F0163-FF32-44E0-B05C-F89263CD56A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "94C0C9FC-5CCF-4AD7-8D83-7B579102F7E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p6:*:*:*:*:*:*",
"matchCriteriaId": "70586A2A-AA52-48F5-B2B0-390CA77807E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.5:b1:*:*:*:*:*:*",
"matchCriteriaId": "8C5A0370-9490-40CC-84E8-EEE95A6F233B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CEC78396-4667-4A45-8DBD-0D0C2AAE1549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "4D50373F-C1C4-4EC9-B94F-854C3444717D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.1:b1:*:*:*:*:*:*",
"matchCriteriaId": "A923D26C-3BE1-492E-99CF-1BB14D8A6388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "EEA791E2-27E0-49C5-9823-0C57647C788F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6D0378-F0F4-4AAA-80AF-8287C790EC96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "16E6D998-B41D-4B49-9E00-8336D2E40A4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6C81647C-9A53-481D-A54C-36770A093F90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44B067C7-735E-43C9-9188-7E1522A02491",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "835AE071-CEAE-49E5-8F0C-E5F50FB85EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "13E02156-E748-4820-B76F-7074793837E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6755B6AD-0422-467B-8115-34A60B1D1A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, and 9.9.9-S8."
},
{
"lang": "es",
"value": "Las asunciones equivocadas sobre el orden de los registros en la secci\u00f3n de respuesta de una respuesta que contiene registros de recursos CNAME o DNAME podr\u00eda conducir a una situaci\u00f3n en la que named se cerrar\u00eda con un fallo de aserci\u00f3n al procesar una respuesta en la que los registros ocurrieron en un orden inusual. Afecta a BIND en versiones 9.9.9-P6, desde la versi\u00f3n 9.9.10b1 hasta la 9.9.10rc1, la versi\u00f3n 9.10.4-P6, desde la versi\u00f3n 9.10.5b1 hasta la 9.10.5rc1, la versi\u00f3n 9.11.0-P3, desde la versi\u00f3n 9.11.1b1 hasta la 9.11.1rc1 y en la versi\u00f3n 9.9.9-S8."
}
],
"id": "CVE-2017-3137",
"lastModified": "2024-11-21T03:24:54.583",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security-officer@isc.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-16T20:29:00.377",
"references": [
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97651"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038258"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040195"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1582"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1583"
},
{
"source": "security-officer@isc.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01466"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97651"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038258"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040195"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1583"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01466"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
}
],
"sourceIdentifier": "security-officer@isc.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2018-5737
Vulnerability from fkie_nvd - Published: 2019-01-16 20:29 - Updated: 2024-11-21 04:09
Severity ?
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. Additionally, problematic interaction between the serve-stale feature and NSEC aggressive negative caching can in some cases cause undesirable behavior from named, such as a recursion loop or excessive logging. Deliberate exploitation of this condition could cause operational problems depending on the particular manifestation -- either degradation or denial of service. Affects BIND 9.12.0 and 9.12.1.
References
| URL | Tags | ||
|---|---|---|---|
| security-officer@isc.org | http://www.securityfocus.com/bid/104236 | Third Party Advisory, VDB Entry | |
| security-officer@isc.org | http://www.securitytracker.com/id/1040942 | Third Party Advisory, VDB Entry | |
| security-officer@isc.org | https://kb.isc.org/docs/aa-01606 | Vendor Advisory | |
| security-officer@isc.org | https://security.netapp.com/advisory/ntap-20180926-0004/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104236 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040942 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.isc.org/docs/aa-01606 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20180926-0004/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| isc | bind | 9.12.0 | |
| isc | bind | 9.12.1 | |
| netapp | cloud_backup | - | |
| netapp | data_ontap_edge | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:9.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DCE4BD2-2256-473F-B17F-192CAC145DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "440CFE40-C9B7-4E6E-800D-DD595F8FC38E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. Additionally, problematic interaction between the serve-stale feature and NSEC aggressive negative caching can in some cases cause undesirable behavior from named, such as a recursion loop or excessive logging. Deliberate exploitation of this condition could cause operational problems depending on the particular manifestation -- either degradation or denial of service. Affects BIND 9.12.0 and 9.12.1."
},
{
"lang": "es",
"value": "Un problema con la implementaci\u00f3n de la nueva caracter\u00edstica \"serve-stale\" en BIND 9.12 puede conducir a un fallo de aserci\u00f3n en rbtdb.c, incluso cuando stale-answer-enable est\u00e1 desactivado. Adem\u00e1s, la interacci\u00f3n problem\u00e1tica entre la caracter\u00edstica serve-stale y el cacheo negativo agresivo NSEC puede provocar en algunos casos un comportamiento no deseado en named, como un bucle de recursi\u00f3n o el registro excesivo. La explotaci\u00f3n deliberada de esta condici\u00f3n podr\u00eda provocar problemas operativos sobre la manifestaci\u00f3n concreta, ya sea una degradaci\u00f3n o una denegaci\u00f3n de servicio (DoS). Afecta a BIND en versiones 9.12.0 y 9.12.1."
}
],
"id": "CVE-2018-5737",
"lastModified": "2024-11-21T04:09:17.120",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "security-officer@isc.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-16T20:29:00.877",
"references": [
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104236"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040942"
},
{
"source": "security-officer@isc.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01606"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0004/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104236"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040942"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0004/"
}
],
"sourceIdentifier": "security-officer@isc.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-3138
Vulnerability from fkie_nvd - Published: 2019-01-16 20:29 - Updated: 2024-11-21 03:24
Severity ?
6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
5.3 (Medium) - CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
5.3 (Medium) - CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. A regression introduced in a recent feature change has created a situation under which some versions of named can be caused to exit with a REQUIRE assertion failure if they are sent a null command string. Affects BIND 9.9.9->9.9.9-P7, 9.9.10b1->9.9.10rc2, 9.10.4->9.10.4-P7, 9.10.5b1->9.10.5rc2, 9.11.0->9.11.0-P4, 9.11.1b1->9.11.1rc2, 9.9.9-S1->9.9.9-S9.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| isc | bind | 9.9.9 | |
| isc | bind | 9.9.9 | |
| isc | bind | 9.9.9 | |
| isc | bind | 9.9.9 | |
| isc | bind | 9.9.9 | |
| isc | bind | 9.9.9 | |
| isc | bind | 9.9.9 | |
| isc | bind | 9.9.9 | |
| isc | bind | 9.9.9 | |
| isc | bind | 9.9.9 | |
| isc | bind | 9.9.10 | |
| isc | bind | 9.9.10 | |
| isc | bind | 9.9.10 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.5 | |
| isc | bind | 9.10.5 | |
| isc | bind | 9.10.5 | |
| isc | bind | 9.11.0 | |
| isc | bind | 9.11.0 | |
| isc | bind | 9.11.0 | |
| isc | bind | 9.11.0 | |
| isc | bind | 9.11.0 | |
| isc | bind | 9.11.1 | |
| isc | bind | 9.11.1 | |
| isc | bind | 9.11.1 | |
| netapp | data_ontap_edge | - | |
| netapp | element_software | - | |
| netapp | oncommand_balance | - | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:9.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AECB4D34-0D20-46C5-A389-0296EF60E795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.9:p1:*:*:*:*:*:*",
"matchCriteriaId": "376915CA-6BDB-423E-B216-64B098344DD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.9:p2:*:*:*:*:*:*",
"matchCriteriaId": "03215B90-9860-4CB4-B7D2-3DF045B129EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.9:p3:*:*:*:*:*:*",
"matchCriteriaId": "88335D70-E98B-469E-A2E7-1958EB5F10DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.9:p4:*:*:*:*:*:*",
"matchCriteriaId": "795DA9EE-489D-402E-8427-C9E3650BA1E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.9:p5:*:*:*:*:*:*",
"matchCriteriaId": "012A3C08-2A0F-4168-9DE0-F609707E4C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.9:p6:*:*:*:*:*:*",
"matchCriteriaId": "2BDE2752-E5CD-4AE6-A404-2C209F942B7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.9:p7:*:*:*:*:*:*",
"matchCriteriaId": "0387826C-AE6B-44C8-9888-4088CF66D78C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.9:s1:*:*:*:*:*:*",
"matchCriteriaId": "21FBF6B7-BA47-46AC-B7EB-3A3A2E985BFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.9:s7:*:*:*:*:*:*",
"matchCriteriaId": "7132A53F-7DF2-4B79-AC86-75A0C73843B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.10:beta1:*:*:*:*:*:*",
"matchCriteriaId": "9C8F0163-FF32-44E0-B05C-F89263CD56A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "94C0C9FC-5CCF-4AD7-8D83-7B579102F7E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.10:rc2:*:*:*:*:*:*",
"matchCriteriaId": "BFF50431-599D-40DD-A2B3-30A6D5652FFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3E76DCB3-8063-415D-A774-9191E69E6980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "BB2D2132-62E8-4E73-A0BF-4790DAFC5558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p2:*:*:*:*:*:*",
"matchCriteriaId": "E253BD9F-25B8-42E7-BEAB-E843381ED155",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p3:*:*:*:*:*:*",
"matchCriteriaId": "6B5E42E5-27C6-4D6F-B7DC-903B10BF2017",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p4:*:*:*:*:*:*",
"matchCriteriaId": "7E211374-A4F5-41D4-A89E-E6522E9D0DFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p5:*:*:*:*:*:*",
"matchCriteriaId": "21CC7BA7-6D75-4561-ACF3-F1F61A0CBA62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p6:*:*:*:*:*:*",
"matchCriteriaId": "70586A2A-AA52-48F5-B2B0-390CA77807E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p7:*:*:*:*:*:*",
"matchCriteriaId": "060E10B1-5501-4BD0-A148-B04C56D499F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.5:b1:*:*:*:*:*:*",
"matchCriteriaId": "8C5A0370-9490-40CC-84E8-EEE95A6F233B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CEC78396-4667-4A45-8DBD-0D0C2AAE1549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.5:rc2:*:*:*:*:*:*",
"matchCriteriaId": "1CD813E5-0C4A-4B55-A1B9-9C5C6C2504D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3160C5ED-75EA-47B2-998E-EDFC46B37DDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "086C327B-DF9F-4D4E-A538-1E29FEDC34C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "1440B408-76B6-4FA7-899D-E28049A37704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "4D50373F-C1C4-4EC9-B94F-854C3444717D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "6658F26D-C088-4470-8AFD-58BB54201C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.1:b1:*:*:*:*:*:*",
"matchCriteriaId": "A923D26C-3BE1-492E-99CF-1BB14D8A6388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "EEA791E2-27E0-49C5-9823-0C57647C788F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4E654717-4EF6-4397-A637-A9789CD5D1D6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. A regression introduced in a recent feature change has created a situation under which some versions of named can be caused to exit with a REQUIRE assertion failure if they are sent a null command string. Affects BIND 9.9.9-\u003e9.9.9-P7, 9.9.10b1-\u003e9.9.10rc2, 9.10.4-\u003e9.10.4-P7, 9.10.5b1-\u003e9.10.5rc2, 9.11.0-\u003e9.11.0-P4, 9.11.1b1-\u003e9.11.1rc2, 9.9.9-S1-\u003e9.9.9-S9."
},
{
"lang": "es",
"value": "named contiene una caracter\u00edstica que permite que los operadores env\u00ede comandos a un servidor en ejecuci\u00f3n comunic\u00e1ndose con el proceso del servidor mediante un canal de control utilizando un programa como rndc. Una regresi\u00f3n empleada en un cambio de caracter\u00edsticas reciente ha creado una situaci\u00f3n en la cual algunas versiones de named pueden cerrarse con un error de aserci\u00f3n de REQUIRE si se le env\u00eda una cadena de comandos null. Afecta a BIND desde la versi\u00f3n 9.9.9 hasta la 9.9.9-P7, desde la versi\u00f3n 9.9.10b1 hasta la 9.9.10rc2, desde la versi\u00f3n 9.10.4 hasta la 9.10.4-P7, desde la versi\u00f3n 9.10.5b1 hasta la 9.10.5rc2, desde la versi\u00f3n 9.10.5b1 hasta la 9.10.5rc2, desde la versi\u00f3n 9.11.0 hasta la 9.11.0-P4, desde la versi\u00f3n 9.11.1b1 hasta la 9.11.1rc2 y desde la versi\u00f3n 9.9.9-S1 hasta 9.9.9-S9."
}
],
"id": "CVE-2017-3138",
"lastModified": "2024-11-21T03:24:54.743",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "security-officer@isc.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-16T20:29:00.407",
"references": [
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97657"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038260"
},
{
"source": "security-officer@isc.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01471"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/97657"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038260"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
}
],
"sourceIdentifier": "security-officer@isc.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-3145
Vulnerability from fkie_nvd - Published: 2019-01-16 20:29 - Updated: 2024-11-21 03:24
Severity ?
Summary
BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "343E9DD3-BBEA-4385-9A8E-0675BE74EC43",
"versionEndIncluding": "9.8.8",
"versionStartIncluding": "9.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EFFE58B-0BAE-43FF-94BD-F03D0FC31BC4",
"versionEndIncluding": "9.9.11",
"versionStartIncluding": "9.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD179483-9754-4498-AE38-4CF1EB8F4063",
"versionEndIncluding": "9.10.6",
"versionStartIncluding": "9.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E5186B7-78C5-486D-97D7-E64B9709ED65",
"versionEndIncluding": "9.11.2",
"versionStartIncluding": "9.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:*:*:*",
"matchCriteriaId": "FCC182A9-5989-4A87-A3BA-F1CFAEDC95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.11:s1:*:*:*:*:*:*",
"matchCriteriaId": "1B9BC3D9-B2F6-4995-A757-E1BB68BC7F8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.5:s1:*:*:*:*:*:*",
"matchCriteriaId": "82A6F259-EB06-4F31-9F68-A76F257756DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.6:s1:*:*:*:*:*:*",
"matchCriteriaId": "9B6C3FDB-B57C-4DF5-AFDB-EEF17F5DAE08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.12.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "646FE55D-D8DF-483E-8DBE-65FB8A3FC18B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.12.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "1653E806-4F31-4ACA-B51F-5F0067D99208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.12.0:b2:*:*:*:*:*:*",
"matchCriteriaId": "8E5AB236-CBDE-48F3-B6E1-5C6B08996ED7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.12.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F57F84D2-76D0-42B9-BA61-96204F527B7A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "16E6D998-B41D-4B49-9E00-8336D2E40A4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6C81647C-9A53-481D-A54C-36770A093F90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "13E02156-E748-4820-B76F-7074793837E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6755B6AD-0422-467B-8115-34A60B1D1A40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:12.1x46-d76:-:*:*:*:*:*:*",
"matchCriteriaId": "D6A2BAF7-8D71-474C-9F72-FF5DABC69749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:12.3x48-d70:-:*:*:*:*:*:*",
"matchCriteriaId": "EAB0418C-F53F-4CA9-9AC3-4735A06B19C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49-d140:-:*:*:*:*:*:*",
"matchCriteriaId": "63C3C7CE-3877-462F-ACAE-61E196D6F1B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:17.4r2:-:*:*:*:*:*:*",
"matchCriteriaId": "BF8F91A3-DAC7-42E7-8722-17C57115F9AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.1r2:-:*:*:*:*:*:*",
"matchCriteriaId": "E33DCDB7-DE93-406F-AF78-BD3D9E8D4E2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:juniper:junos:18.2r1:-:*:*:*:*:*:*",
"matchCriteriaId": "B6F40716-E190-4C67-BCF8-831069B95398",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E020556B-693F-4963-BA43-3164AB50FA49",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0D31FF-0812-42B8-B25E-03C35EC1B021",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A03463-6B1D-4DBA-9E89-CAD5E899B98B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5ABA347C-3EF3-4F75-B4D1-54590A57C2BC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52F0B735-8C49-4B08-950A-296C9CDE43CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1."
},
{
"lang": "es",
"value": "BIND secuenciaba incorrectamente las operaciones de limpieza en contextos fetch de recursi\u00f3n ascendente, lo que conduce en algunos casos a un error de uso de memoria previamente liberada que puede desencadenar un fallo de aserci\u00f3n y un cierre inesperado en named. Afecta a BIND desde la versi\u00f3n 9.0.0 hasta la versi\u00f3n 9.8.x, desde la versi\u00f3n 9.9.0 hasta la versi\u00f3n 9.9.11, desde la versi\u00f3n 9.10.0 hasta la versi\u00f3n 9.10.6, desde la versi\u00f3n 9.11.0 hasta la versi\u00f3n 9.11.2, desde la versi\u00f3n 9.9.3-S1 hasta la versi\u00f3n 09.9.11-S1, desde la versi\u00f3n 9.10.5-S1 hasta la versi\u00f3n 9.10.6-S1 y desde la 9.12.0a1 hasta la 9.12.0rc1."
}
],
"id": "CVE-2017-3145",
"lastModified": "2024-11-21T03:24:55.717",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security-officer@isc.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-16T20:29:00.690",
"references": [
{
"source": "security-officer@isc.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102716"
},
{
"source": "security-officer@isc.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040195"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0101"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0102"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0487"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0488"
},
{
"source": "security-officer@isc.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01542"
},
{
"source": "security-officer@isc.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0003/"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040195"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0102"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0487"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0488"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4089"
}
],
"sourceIdentifier": "security-officer@isc.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-3140
Vulnerability from fkie_nvd - Published: 2019-01-16 20:29 - Updated: 2024-11-21 03:24
Severity ?
3.7 (Low) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0->9.11.1, 9.9.10-S1, 9.10.5-S1.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E6E2D9-E137-498C-B175-1CA268B6E551",
"versionEndIncluding": "9.11.1",
"versionStartIncluding": "9.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A64173CC-F89B-4276-8E33-525CC89A22A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.10:s1:*:*:*:*:*:*",
"matchCriteriaId": "96715BE6-F6C4-4A9E-85F2-4E53FE740776",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "30ACDFC4-CD8D-4B89-B6C8-8466174B3D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.5:s1:*:*:*:*:*:*",
"matchCriteriaId": "82A6F259-EB06-4F31-9F68-A76F257756DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0-\u003e9.11.1, 9.9.10-S1, 9.10.5-S1."
},
{
"lang": "es",
"value": "Si named est\u00e1 configurado para que emplee RPZ (Response Policy Zones), un error a a hora de procesar algunos tipos de regla puede conducir a una condici\u00f3n en la que BIND entrar\u00e1 en un bucle infinito al manejar una consulta. Afecta a BIND en la versi\u00f3n 9.9.10, 9.10.5, desde la versi\u00f3n 9.11.0 hasta la 9.11.1 y en las versiones 9.9.10-S1 y 9.10.5-S1."
}
],
"id": "CVE-2017-3140",
"lastModified": "2024-11-21T03:24:55.003",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "security-officer@isc.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-16T20:29:00.457",
"references": [
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99088"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038692"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03772en_us"
},
{
"source": "security-officer@isc.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01495"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03772en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01495"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0001/"
}
],
"sourceIdentifier": "security-officer@isc.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2018-5734
Vulnerability from fkie_nvd - Published: 2019-01-16 20:29 - Updated: 2024-11-21 04:09
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2.
References
| URL | Tags | ||
|---|---|---|---|
| security-officer@isc.org | http://www.securityfocus.com/bid/103189 | Third Party Advisory, VDB Entry | |
| security-officer@isc.org | http://www.securitytracker.com/id/1040438 | Third Party Advisory, VDB Entry | |
| security-officer@isc.org | https://kb.isc.org/docs/aa-01562 | Vendor Advisory | |
| security-officer@isc.org | https://security.netapp.com/advisory/ntap-20180926-0005/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/103189 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040438 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.isc.org/docs/aa-01562 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20180926-0005/ | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:9.10.5:s1:*:*:*:*:*:*",
"matchCriteriaId": "82A6F259-EB06-4F31-9F68-A76F257756DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.5:s4:*:*:*:*:*:*",
"matchCriteriaId": "5AB5FCA2-A2DE-4D8D-A00C-680DE0DAF83F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.6:s1:*:*:*:*:*:*",
"matchCriteriaId": "9B6C3FDB-B57C-4DF5-AFDB-EEF17F5DAE08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.6:s2:*:*:*:*:*:*",
"matchCriteriaId": "7C057426-87E6-4B56-A9F2-07BEDBE4A241",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire_element_os_management_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6AD8D649-8F3E-4B22-912C-FE94CDC88A67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn\u0027t contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2."
},
{
"lang": "es",
"value": "Al gestionar un tipo concreto de paquete mal formado, BIND selecciona err\u00f3neamente un rcode SERVFAIL en lugar de un rcode FORMERR. Si la vista que se est\u00e1 recibiendo tiene la caracter\u00edstica de cach\u00e9 SERVFAIL habilitada, esto puede desencadenar un fallo de aserci\u00f3n en badcache.c cuando la petici\u00f3n no contiene toda la informaci\u00f3n esperada. Afecta a BIND desde la versi\u00f3n 9.9.5-S1 hasta la 9.10.5-S4 y desde la versi\u00f3n 9.10.6-S1 hasta la 9.10.6-S2."
}
],
"id": "CVE-2018-5734",
"lastModified": "2024-11-21T04:09:16.740",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security-officer@isc.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-16T20:29:00.800",
"references": [
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103189"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040438"
},
{
"source": "security-officer@isc.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01562"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/103189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01562"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
}
],
"sourceIdentifier": "security-officer@isc.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-9778
Vulnerability from fkie_nvd - Published: 2019-01-16 20:29 - Updated: 2024-11-21 03:01
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met the criteria for the vulnerability and if the attacker could cause it to accept a query that possessed the required attributes. Please note: This vulnerability affects the "nxdomain-redirect" feature, which is one of two methods of handling NXDOMAIN redirection, and is only available in certain versions of BIND. Redirection using zones of type "redirect" is not affected by this vulnerability. Affects BIND 9.9.8-S1 -> 9.9.8-S3, 9.9.9-S1 -> 9.9.9-S6, 9.11.0-9.11.0-P1.
References
| URL | Tags | ||
|---|---|---|---|
| security-officer@isc.org | http://www.securityfocus.com/bid/95388 | Third Party Advisory, VDB Entry | |
| security-officer@isc.org | http://www.securitytracker.com/id/1037582 | Third Party Advisory, VDB Entry | |
| security-officer@isc.org | https://kb.isc.org/article/AA-01442/ | Vendor Advisory | |
| security-officer@isc.org | https://security.gentoo.org/glsa/201708-01 | Third Party Advisory | |
| security-officer@isc.org | https://security.netapp.com/advisory/ntap-20180926-0005/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95388 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037582 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.isc.org/article/AA-01442/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201708-01 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20180926-0005/ | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:9.9.8:s1:*:*:*:*:*:*",
"matchCriteriaId": "52C0DC21-D024-4ABD-910B-3C6A9A04C8B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.8:s2:*:*:*:*:*:*",
"matchCriteriaId": "72392A81-BBFE-419F-84D1-2376CB552213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.8:s3:*:*:*:*:*:*",
"matchCriteriaId": "BBB98AAF-3EA6-47AD-949D-FBAC04AEC28E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.9:s1:*:*:*:*:*:*",
"matchCriteriaId": "21FBF6B7-BA47-46AC-B7EB-3A3A2E985BFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.9:s6:*:*:*:*:*:*",
"matchCriteriaId": "A7A167E4-4CAF-4FD7-92F0-986F1C12F4CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3160C5ED-75EA-47B2-998E-EDFC46B37DDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "086C327B-DF9F-4D4E-A538-1E29FEDC34C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire_element_os_management_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6AD8D649-8F3E-4B22-912C-FE94CDC88A67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met the criteria for the vulnerability and if the attacker could cause it to accept a query that possessed the required attributes. Please note: This vulnerability affects the \"nxdomain-redirect\" feature, which is one of two methods of handling NXDOMAIN redirection, and is only available in certain versions of BIND. Redirection using zones of type \"redirect\" is not affected by this vulnerability. Affects BIND 9.9.8-S1 -\u003e 9.9.8-S3, 9.9.9-S1 -\u003e 9.9.9-S6, 9.11.0-9.11.0-P1."
},
{
"lang": "es",
"value": "Un error a la hora de manejar ciertas consultas puede provocar un fallo de aserci\u00f3n cuando un servidor emplea la caracter\u00edstica nxdomain-redirect para cubrir una zona para la que tambi\u00e9n est\u00e1 prestando servicios autoritativos. Un servidor vulnerable podr\u00eda ser detenido de forma intencional por un atacante si est\u00e1 empleando una configuraci\u00f3n que cumple los criterios para la vulnerabilidad y si el atacante puede provocar que acepte una consulta que posee los atributos necesarios. N\u00f3tese: esta vulnerabilidad afecta a la caracter\u00edstica \"nxdomain-redirect\", que es uno de los dos m\u00e9todos para gestionar la redirecci\u00f3n de NXDOMAIN y solo est\u00e1 disponible en ciertas versiones de BIND. La redirecci\u00f3n mediante zonas de tipo \"redirect\" no se ha visto afectada por esta vulnerabilidad. Afecta a BIND desde la versi\u00f3n 9.9.8-S1 hasta la 9.9.8-S3, desde la versi\u00f3n 9.9.9-S1 hasta la 9.9.9-S6 y a la versi\u00f3n 9.11.0-9.11.0-P1."
}
],
"id": "CVE-2016-9778",
"lastModified": "2024-11-21T03:01:44.017",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security-officer@isc.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-16T20:29:00.253",
"references": [
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95388"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037582"
},
{
"source": "security-officer@isc.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/article/AA-01442/"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/article/AA-01442/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
}
],
"sourceIdentifier": "security-officer@isc.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-388"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-3135
Vulnerability from fkie_nvd - Published: 2019-01-16 20:29 - Updated: 2024-11-21 03:24
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| isc | bind | 9.9.3 | |
| isc | bind | 9.9.3 | |
| isc | bind | 9.9.8 | |
| isc | bind | 9.9.9 | |
| isc | bind | 9.9.9 | |
| isc | bind | 9.9.10 | |
| isc | bind | 9.10.0 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.5 | |
| isc | bind | 9.11.0 | |
| isc | bind | 9.11.0 | |
| isc | bind | 9.11.0 | |
| isc | bind | 9.11.1 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.3 | |
| redhat | enterprise_linux_server_aus | 7.4 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_eus | 7.3 | |
| redhat | enterprise_linux_server_eus | 7.4 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_server_eus | 7.6 | |
| redhat | enterprise_linux_server_tus | 7.3 | |
| redhat | enterprise_linux_server_tus | 7.6 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| netapp | data_ontap_edge | - | |
| netapp | element_software_management_node | - | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A7BE793-7717-4019-8F50-158C309E48B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:*:*:*",
"matchCriteriaId": "FCC182A9-5989-4A87-A3BA-F1CFAEDC95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF19353-E509-4864-ADDD-39F3012A262B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.9:p5:*:*:*:*:*:*",
"matchCriteriaId": "012A3C08-2A0F-4168-9DE0-F609707E4C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.9:s7:*:*:*:*:*:*",
"matchCriteriaId": "7132A53F-7DF2-4B79-AC86-75A0C73843B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.9.10:beta1:*:*:*:*:*:*",
"matchCriteriaId": "9C8F0163-FF32-44E0-B05C-F89263CD56A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92ECA27E-4248-49BD-A84C-4854CCA19AC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "BB2D2132-62E8-4E73-A0BF-4790DAFC5558",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p2:*:*:*:*:*:*",
"matchCriteriaId": "E253BD9F-25B8-42E7-BEAB-E843381ED155",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p3:*:*:*:*:*:*",
"matchCriteriaId": "6B5E42E5-27C6-4D6F-B7DC-903B10BF2017",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p4:*:*:*:*:*:*",
"matchCriteriaId": "7E211374-A4F5-41D4-A89E-E6522E9D0DFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.4:p5:*:*:*:*:*:*",
"matchCriteriaId": "21CC7BA7-6D75-4561-ACF3-F1F61A0CBA62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.10.5:beta1:*:*:*:*:*:*",
"matchCriteriaId": "278142AB-9CE9-4DAC-A0C5-A3E05A715829",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3160C5ED-75EA-47B2-998E-EDFC46B37DDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "086C327B-DF9F-4D4E-A538-1E29FEDC34C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "1440B408-76B6-4FA7-899D-E28049A37704",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.11.1:beta1:*:*:*:*:*:*",
"matchCriteriaId": "CE6ED392-74B9-487E-83B0-ECAAEEAB3AB3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software_management_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E902EEC6-9A41-4FBC-8D81-891DF846A5CB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -\u003e 9.9.9-S7, 9.9.3 -\u003e 9.9.9-P5, 9.9.10b1, 9.10.0 -\u003e 9.10.4-P5, 9.10.5b1, 9.11.0 -\u003e 9.11.0-P2, 9.11.1b1."
},
{
"lang": "es",
"value": "En ciertas condiciones, al emplear DNS64 y RPZ para rescribir respuestas a consultas, el procesamiento de consultas puede continuar de forma inconsistente, lo que puede conducir a un fallo de aserci\u00f3n de INSIST o a un intento para leer a trav\u00e9s de un puntero NULL. Afecta a BIND en su versi\u00f3n 9.8.8, desde la versi\u00f3n 9.9.3-S1 hasta la 9.9.9-S7, desde la versi\u00f3n 9.9.3 hasta la 9.9.9-P5, la versi\u00f3n 9.9.10b1, desde la versi\u00f3n 9.10.0 hasta la 9.10.4-P5, la versi\u00f3n 9.10.5b1, desde la versi\u00f3n 9.11.0 hasta la 9.11.0-P2 y a la versi\u00f3n 9.11.1b1."
}
],
"id": "CVE-2017-3135",
"lastModified": "2024-11-21T03:24:54.283",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security-officer@isc.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-16T20:29:00.283",
"references": [
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0276.html"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96150"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037801"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"source": "security-officer@isc.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01453"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-3795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0276.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037801"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-3795"
}
],
"sourceIdentifier": "security-officer@isc.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2018-5734 (GCVE-0-2018-5734)
Vulnerability from cvelistv5 – Published: 2019-01-16 20:00 – Updated: 2024-09-17 02:31
VLAI?
Summary
While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2.
Severity ?
7.5 (High)
CWE
- Servers running the affected versions (9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, and 9.10.6-S2) are vulnerable if they allow recursion, unless the SERVFAIL cache is disabled for the receiving view.
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:40:51.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01562"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"name": "103189",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103189"
},
{
"name": "1040438",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040438"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2"
}
]
}
],
"datePublic": "2018-02-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn\u0027t contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Servers running the affected versions (9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, and 9.10.6-S2) are vulnerable if they allow recursion, unless the SERVFAIL cache is disabled for the receiving view.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-17T10:57:01",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01562"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"name": "103189",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103189"
},
{
"name": "1040438",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040438"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release.\n\n No publicly released versions of BIND are affected\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.10.6-S3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "A malformed request can trigger an assertion failure in badcache.c",
"workarounds": [
{
"lang": "en",
"value": "Disabling the SERVFAIL cache with \u0027servfail-ttl 0;\u0027 will prevent taking the code path that leads to the assertion failure."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2018-02-28T00:00:00.000Z",
"ID": "CVE-2018-5734",
"STATE": "PUBLIC",
"TITLE": "A malformed request can trigger an assertion failure in badcache.c"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_value": "9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn\u0027t contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Servers running the affected versions (9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, and 9.10.6-S2) are vulnerable if they allow recursion, unless the SERVFAIL cache is disabled for the receiving view."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.isc.org/docs/aa-01562",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01562"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180926-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"name": "103189",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103189"
},
{
"name": "1040438",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040438"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release.\n\n No publicly released versions of BIND are affected\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.10.6-S3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Disabling the SERVFAIL cache with \u0027servfail-ttl 0;\u0027 will prevent taking the code path that leads to the assertion failure."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2018-5734",
"datePublished": "2019-01-16T20:00:00Z",
"dateReserved": "2018-01-17T00:00:00",
"dateUpdated": "2024-09-17T02:31:46.321Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3140 (GCVE-0-2017-3140)
Vulnerability from cvelistv5 – Published: 2019-01-16 20:00 – Updated: 2024-09-17 04:10
VLAI?
Summary
If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0->9.11.1, 9.9.10-S1, 9.10.5-S1.
Severity ?
CWE
- A server is potentially vulnerable to degradation of service if the server is configured to use RPZ, the server uses NSDNAME or NSIP policy rules, and an attacker can cause the server to process a specific query Successful exploitation of this condition will cause named to enter a state where it continues to loop while processing the query without ever reaching an end state. While in this state, named repeatedly queries the same sets of authoritative nameservers and this behavior will usually persist indefinitely beyond the normal client query processing timeout. By triggering this condition multiple times, an attacker could cause a deliberate and substantial degradation in service. Operators of servers that meet the above conditions 1. and 2. may also accidentally encounter this defect during normal operation. It is for this reason that the decision was made to issue this advisory despite its low CVSS score.
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
Credits
ISC would like to thank Oli Schacher of Switch for bringing this defect to our attention.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038692",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038692"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "99088",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99088"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03772en_us"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01495"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "9.9.10, 9.10.5, 9.11.0-\u003e9.11.1, 9.9.10-S1, 9.10.5-S1"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank Oli Schacher of Switch for bringing this defect to our attention."
}
],
"datePublic": "2017-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0-\u003e9.11.1, 9.9.10-S1, 9.10.5-S1."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A server is potentially vulnerable to degradation of service if\n\n the server is configured to use RPZ,\n the server uses NSDNAME or NSIP policy rules, and\n an attacker can cause the server to process a specific query\n\nSuccessful exploitation of this condition will cause named to enter a state where it continues to loop while processing the query without ever reaching an end state. While in this state, named repeatedly queries the same sets of authoritative nameservers and this behavior will usually persist indefinitely beyond the normal client query processing timeout. By triggering this condition multiple times, an attacker could cause a deliberate and substantial degradation in service.\n\nOperators of servers that meet the above conditions 1. and 2. may also accidentally encounter this defect during normal operation. It is for this reason that the decision was made to issue this advisory despite its low CVSS score.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-17T10:57:01",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "1038692",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038692"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "99088",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99088"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03772en_us"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01495"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.10-P1\n BIND 9 version 9.10.5-P1\n BIND 9 version 9.11.1-P1\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.10-S2\n BIND 9 version 9.10.5-S2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "An error processing RPZ rules can cause named to loop endlessly after handling a query",
"workarounds": [
{
"lang": "en",
"value": "Only the NSDNAME and NSIP RPZ rule types can cause this condition to occur. You can work around this vulnerability if you are able to express your desired policy while avoiding NSDNAME or NSIP rules, otherwise it is advised that you upgrade to a version which corrects the defect."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2017-06-14T00:00:00.000Z",
"ID": "CVE-2017-3140",
"STATE": "PUBLIC",
"TITLE": "An error processing RPZ rules can cause named to loop endlessly after handling a query"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_value": "9.9.10, 9.10.5, 9.11.0-\u003e9.11.1, 9.9.10-S1, 9.10.5-S1"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Oli Schacher of Switch for bringing this defect to our attention."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0-\u003e9.11.1, 9.9.10-S1, 9.10.5-S1."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A server is potentially vulnerable to degradation of service if\n\n the server is configured to use RPZ,\n the server uses NSDNAME or NSIP policy rules, and\n an attacker can cause the server to process a specific query\n\nSuccessful exploitation of this condition will cause named to enter a state where it continues to loop while processing the query without ever reaching an end state. While in this state, named repeatedly queries the same sets of authoritative nameservers and this behavior will usually persist indefinitely beyond the normal client query processing timeout. By triggering this condition multiple times, an attacker could cause a deliberate and substantial degradation in service.\n\nOperators of servers that meet the above conditions 1. and 2. may also accidentally encounter this defect during normal operation. It is for this reason that the decision was made to issue this advisory despite its low CVSS score."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038692",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038692"
},
{
"name": "GLSA-201708-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "99088",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99088"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03772en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03772en_us"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180926-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180926-0001/"
},
{
"name": "https://kb.isc.org/docs/aa-01495",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01495"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.10-P1\n BIND 9 version 9.10.5-P1\n BIND 9 version 9.11.1-P1\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.10-S2\n BIND 9 version 9.10.5-S2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Only the NSDNAME and NSIP RPZ rule types can cause this condition to occur. You can work around this vulnerability if you are able to express your desired policy while avoiding NSDNAME or NSIP rules, otherwise it is advised that you upgrade to a version which corrects the defect."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2017-3140",
"datePublished": "2019-01-16T20:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-17T04:10:30.985Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3135 (GCVE-0-2017-3135)
Vulnerability from cvelistv5 – Published: 2019-01-16 20:00 – Updated: 2024-09-16 17:53
VLAI?
Summary
Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1.
Severity ?
7.5 (High)
CWE
- Servers utilizing both DNS64 and RPZ are potentially susceptible to encountering this condition. When this condition occurs, it will result in either an INSIST assertion failure (and subsequent abort) or an attempt to read through a NULL pointer. On most platforms a NULL pointer read leads to a segmentation fault (SEGFAULT), which causes the process to be terminated. Only servers which are configured to simultaneously use both Response Policy Zones (RPZ) and DNS64 (a method for synthesizing AAAA records from A records) can be affected by this vulnerability.
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
Credits
ISC would like to thank Ramesh Damodaran(Infoblox) and Aliaksandr Shubnik (Infoblox) for reporting the issue and assisting us in the investigation.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.177Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "RHSA-2017:0276",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0276.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"name": "96150",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96150"
},
{
"name": "1037801",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037801"
},
{
"name": "DSA-3795",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-3795"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01453"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "BIND 9 9.8.8, 9.9.3-S1 -\u003e 9.9.9-S7, 9.9.3 -\u003e 9.9.9-P5, 9.9.10b1, 9.10.0 -\u003e 9.10.4-P5, 9.10.5b1, 9.11.0 -\u003e 9.11.0-P2, 9.11.1b1"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "Servers utilizing both DNS64 and RPZ are potentially susceptible to encountering this condition."
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank Ramesh Damodaran(Infoblox) and Aliaksandr Shubnik (Infoblox) for reporting the issue and assisting us in the investigation."
}
],
"datePublic": "2017-02-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -\u003e 9.9.9-S7, 9.9.3 -\u003e 9.9.9-P5, 9.9.10b1, 9.10.0 -\u003e 9.10.4-P5, 9.10.5b1, 9.11.0 -\u003e 9.11.0-P2, 9.11.1b1."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Servers utilizing both DNS64 and RPZ are potentially susceptible to encountering this condition. When this condition occurs, it will result in either an INSIST assertion failure (and subsequent abort) or an attempt to read through a NULL pointer. On most platforms a NULL pointer read leads to a segmentation fault (SEGFAULT), which causes the process to be terminated.\n\nOnly servers which are configured to simultaneously use both Response Policy Zones (RPZ) and DNS64 (a method for synthesizing AAAA records from A records) can be affected by this vulnerability.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-17T10:57:01",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "RHSA-2017:0276",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0276.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"name": "96150",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96150"
},
{
"name": "1037801",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037801"
},
{
"name": "DSA-3795",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-3795"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01453"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P6\n BIND 9 version 9.10.4-P6\n BIND 9 version 9.11.0-P3\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S8"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Combination of DNS64 and RPZ Can Lead to Crash",
"workarounds": [
{
"lang": "en",
"value": "While it is possible to avoid the condition by removing either DNS64 or RPZ from the configuration, or by carefully restricting the contents of the policy zone, for an affected configuration the most practical and safest course of action is to upgrade to a version of BIND without this vulnerability."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2017-02-08T00:00:00.000Z",
"ID": "CVE-2017-3135",
"STATE": "PUBLIC",
"TITLE": "Combination of DNS64 and RPZ Can Lead to Crash"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_name": "BIND 9",
"version_value": "9.8.8, 9.9.3-S1 -\u003e 9.9.9-S7, 9.9.3 -\u003e 9.9.9-P5, 9.9.10b1, 9.10.0 -\u003e 9.10.4-P5, 9.10.5b1, 9.11.0 -\u003e 9.11.0-P2, 9.11.1b1"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "Servers utilizing both DNS64 and RPZ are potentially susceptible to encountering this condition."
}
],
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Ramesh Damodaran(Infoblox) and Aliaksandr Shubnik (Infoblox) for reporting the issue and assisting us in the investigation."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -\u003e 9.9.9-S7, 9.9.3 -\u003e 9.9.9-P5, 9.9.10b1, 9.10.0 -\u003e 9.10.4-P5, 9.10.5b1, 9.11.0 -\u003e 9.11.0-P2, 9.11.1b1."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Servers utilizing both DNS64 and RPZ are potentially susceptible to encountering this condition. When this condition occurs, it will result in either an INSIST assertion failure (and subsequent abort) or an attempt to read through a NULL pointer. On most platforms a NULL pointer read leads to a segmentation fault (SEGFAULT), which causes the process to be terminated.\n\nOnly servers which are configured to simultaneously use both Response Policy Zones (RPZ) and DNS64 (a method for synthesizing AAAA records from A records) can be affected by this vulnerability."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201708-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "RHSA-2017:0276",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0276.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180926-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"name": "96150",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96150"
},
{
"name": "1037801",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037801"
},
{
"name": "DSA-3795",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-3795"
},
{
"name": "https://kb.isc.org/docs/aa-01453",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01453"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P6\n BIND 9 version 9.10.4-P6\n BIND 9 version 9.11.0-P3\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S8"
}
],
"source": {
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "While it is possible to avoid the condition by removing either DNS64 or RPZ from the configuration, or by carefully restricting the contents of the policy zone, for an affected configuration the most practical and safest course of action is to upgrade to a version of BIND without this vulnerability."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2017-3135",
"datePublished": "2019-01-16T20:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-16T17:53:49.488Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-5740 (GCVE-0-2018-5740)
Vulnerability from cvelistv5 – Published: 2019-01-16 20:00 – Updated: 2024-09-16 17:58
VLAI?
Summary
"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.
Severity ?
7.5 (High)
CWE
- Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients.
- Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients. Only servers which have explicitly enabled the "deny-answer-aliases" feature are at risk and disabling the feature prevents exploitation.
Assigner
References
Impacted products
Credits
ISC would like to thank Tony Finch of the University of Cambridge for reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:40:51.365Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105055",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105055"
},
{
"name": "[debian-lts-announce] 20180830 [SECURITY] [DLA 1485-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html"
},
{
"name": "RHSA-2018:2570",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2570"
},
{
"name": "RHSA-2018:2571",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2571"
},
{
"name": "USN-3769-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3769-2/"
},
{
"name": "1041436",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041436"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0003/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01639"
},
{
"name": "USN-3769-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3769-1/"
},
{
"name": "GLSA-201903-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201903-13"
},
{
"name": "openSUSE-SU-2019:1533",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html"
},
{
"name": "openSUSE-SU-2019:1532",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us"
},
{
"name": "[debian-lts-announce] 20211102 [SECURITY] [DLA 2807-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "BIND 9 9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "Only servers which have explicitly enabled the \"deny-answer-aliases\" feature are at risk and disabling the feature prevents exploitation."
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank Tony Finch of the University of Cambridge for reporting this issue."
}
],
"datePublic": "2018-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "\"deny-answer-aliases\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients.",
"lang": "en",
"type": "text"
},
{
"description": "Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients. Only servers which have explicitly enabled the \"deny-answer-aliases\" feature are at risk and disabling the feature prevents exploitation.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-02T03:06:16",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "105055",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105055"
},
{
"name": "[debian-lts-announce] 20180830 [SECURITY] [DLA 1485-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html"
},
{
"name": "RHSA-2018:2570",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2570"
},
{
"name": "RHSA-2018:2571",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2571"
},
{
"name": "USN-3769-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3769-2/"
},
{
"name": "1041436",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041436"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0003/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01639"
},
{
"name": "USN-3769-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3769-1/"
},
{
"name": "GLSA-201903-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201903-13"
},
{
"name": "openSUSE-SU-2019:1533",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html"
},
{
"name": "openSUSE-SU-2019:1532",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us"
},
{
"name": "[debian-lts-announce] 20211102 [SECURITY] [DLA 2807-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html"
}
],
"solutions": [
{
"lang": "en",
"value": "Most operators will not need to make any changes unless they are using the \"deny-answer-aliases\" feature (which is described in the BIND 9 Adminstrator Reference Manual section 6.2.) \"deny-answer-aliases\" is off by default; only configurations which explicitly enable it can be affected by this defect.\n\nIf you are using \"deny-answer-aliases\", upgrade to the patched release most closely related to your current version of BIND.\n\n 9.9.13-P1\n 9.10.8-P1\n 9.11.4-P1\n 9.12.2-P1\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n 9.11.3-S3"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "A flaw in the \"deny-answer-aliases\" feature can cause an assertion failure in named",
"workarounds": [
{
"lang": "en",
"value": "This vulnerability can be avoided by disabling the \"deny-answer-aliases\" feature if it is in use."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2018-08-08T08:00:00.000Z",
"ID": "CVE-2018-5740",
"STATE": "PUBLIC",
"TITLE": "A flaw in the \"deny-answer-aliases\" feature can cause an assertion failure in named"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_name": "BIND 9",
"version_value": "9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "Only servers which have explicitly enabled the \"deny-answer-aliases\" feature are at risk and disabling the feature prevents exploitation."
}
],
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Tony Finch of the University of Cambridge for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "\"deny-answer-aliases\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients."
},
{
"lang": "eng",
"value": "Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients. Only servers which have explicitly enabled the \"deny-answer-aliases\" feature are at risk and disabling the feature prevents exploitation."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105055",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105055"
},
{
"name": "[debian-lts-announce] 20180830 [SECURITY] [DLA 1485-1] bind9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html"
},
{
"name": "RHSA-2018:2570",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2570"
},
{
"name": "RHSA-2018:2571",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2571"
},
{
"name": "USN-3769-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3769-2/"
},
{
"name": "1041436",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041436"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180926-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180926-0003/"
},
{
"name": "https://kb.isc.org/docs/aa-01639",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01639"
},
{
"name": "USN-3769-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3769-1/"
},
{
"name": "GLSA-201903-13",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201903-13"
},
{
"name": "openSUSE-SU-2019:1533",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html"
},
{
"name": "openSUSE-SU-2019:1532",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us"
},
{
"name": "[debian-lts-announce] 20211102 [SECURITY] [DLA 2807-1] bind9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "Most operators will not need to make any changes unless they are using the \"deny-answer-aliases\" feature (which is described in the BIND 9 Adminstrator Reference Manual section 6.2.) \"deny-answer-aliases\" is off by default; only configurations which explicitly enable it can be affected by this defect.\n\nIf you are using \"deny-answer-aliases\", upgrade to the patched release most closely related to your current version of BIND.\n\n 9.9.13-P1\n 9.10.8-P1\n 9.11.4-P1\n 9.12.2-P1\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n 9.11.3-S3"
}
],
"source": {
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "This vulnerability can be avoided by disabling the \"deny-answer-aliases\" feature if it is in use."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2018-5740",
"datePublished": "2019-01-16T20:00:00Z",
"dateReserved": "2018-01-17T00:00:00",
"dateUpdated": "2024-09-16T17:58:43.029Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3136 (GCVE-0-2017-3136)
Vulnerability from cvelistv5 – Published: 2019-01-16 20:00 – Updated: 2024-09-17 00:51
VLAI?
Summary
A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -> 9.8.8-P1, 9.9.0 -> 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.0 -> 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0 -> 9.11.0-P3, 9.11.1b1->9.11.1rc1, 9.9.3-S1 -> 9.9.9-S8.
Severity ?
5.9 (Medium)
CWE
- Servers are at risk if they are configured to use DNS64 and if the option "break-dnssec yes;" is in use.
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Impacted products
Credits
ISC would like to thank Oleg Gorokhov of Yandex for making us aware of this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"name": "DSA-3854",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "1038259",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038259"
},
{
"name": "97653",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97653"
},
{
"name": "RHSA-2017:1105",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01465"
},
{
"name": "openSUSE-SU-2020:1699",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank Oleg Gorokhov of Yandex for making us aware of this vulnerability."
}
],
"datePublic": "2017-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Servers are at risk if they are configured to use DNS64 and if the option \"break-dnssec yes;\" is in use.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-20T11:06:37",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "RHSA-2017:1095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"name": "DSA-3854",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "1038259",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038259"
},
{
"name": "97653",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97653"
},
{
"name": "RHSA-2017:1105",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01465"
},
{
"name": "openSUSE-SU-2020:1699",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P8\n BIND 9 version 9.10.4-P8\n BIND 9 version 9.11.0-P5\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S10\n\nNew maintenance releases of BIND are also scheduled which contain the fix for this vulnerability. In addition to the security releases listed above, fixes for this vulnerability are also included in these release candidate versions:\n\n BIND 9 version 9.9.10rc3\n BIND 9 version 9.10.5rc3\n BIND 9 version 9.11.1rc3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "An error handling synthesized records could cause an assertion failure when using DNS64 with \"break-dnssec yes;\"",
"workarounds": [
{
"lang": "en",
"value": "Servers which have configurations which require DNS64 and \"break-dnssec yes;\" should upgrade. Servers which are not using these features in conjunction are not at risk from this defect."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2017-03-12T00:00:00.000Z",
"ID": "CVE-2017-3136",
"STATE": "PUBLIC",
"TITLE": "An error handling synthesized records could cause an assertion failure when using DNS64 with \"break-dnssec yes;\""
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_value": "9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Oleg Gorokhov of Yandex for making us aware of this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Servers are at risk if they are configured to use DNS64 and if the option \"break-dnssec yes;\" is in use."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1095",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "GLSA-201708-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180802-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"name": "DSA-3854",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "1038259",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038259"
},
{
"name": "97653",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97653"
},
{
"name": "RHSA-2017:1105",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"name": "https://kb.isc.org/docs/aa-01465",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01465"
},
{
"name": "openSUSE-SU-2020:1699",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P8\n BIND 9 version 9.10.4-P8\n BIND 9 version 9.11.0-P5\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S10\n\nNew maintenance releases of BIND are also scheduled which contain the fix for this vulnerability. In addition to the security releases listed above, fixes for this vulnerability are also included in these release candidate versions:\n\n BIND 9 version 9.9.10rc3\n BIND 9 version 9.10.5rc3\n BIND 9 version 9.11.1rc3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Servers which have configurations which require DNS64 and \"break-dnssec yes;\" should upgrade. Servers which are not using these features in conjunction are not at risk from this defect."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2017-3136",
"datePublished": "2019-01-16T20:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-17T00:51:35.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3137 (GCVE-0-2017-3137)
Vulnerability from cvelistv5 – Published: 2019-01-16 20:00 – Updated: 2024-09-17 01:02
VLAI?
Summary
Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0-P3, 9.11.1b1->9.11.1rc1, and 9.9.9-S8.
Severity ?
7.5 (High)
CWE
- A server which is performing recursion can be forced to exit with an assertion failure if it can be caused to receive a response containing CNAME or DNAME resource records with certain ordering. An attacker can cause a denial of service by exploiting this condition. Recursive resolvers are at highest risk but authoritative servers are theoretically vulnerable if they perform recursion.
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "1038258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038258"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"name": "1040195",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040195"
},
{
"name": "RHSA-2017:1582",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1582"
},
{
"name": "DSA-3854",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "RHSA-2017:1583",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1583"
},
{
"name": "97651",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97651"
},
{
"name": "RHSA-2017:1105",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01466"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, and 9.9.9-S8"
}
]
}
],
"datePublic": "2017-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, and 9.9.9-S8."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A server which is performing recursion can be forced to exit with an assertion failure if it can be caused to receive a response containing CNAME or DNAME resource records with certain ordering. An attacker can cause a denial of service by exploiting this condition. Recursive resolvers are at highest risk but authoritative servers are theoretically vulnerable if they perform recursion.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-17T10:57:01",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "RHSA-2017:1095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "1038258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038258"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"name": "1040195",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040195"
},
{
"name": "RHSA-2017:1582",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1582"
},
{
"name": "DSA-3854",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "RHSA-2017:1583",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1583"
},
{
"name": "97651",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97651"
},
{
"name": "RHSA-2017:1105",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01466"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P8\n BIND 9 version 9.10.4-P8\n BIND 9 version 9.11.0-P5\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S10\n\nNew maintenance releases of BIND are also scheduled which contain the fix for this vulnerability. In addition to the security releases listed above, fixes for this vulnerability are also included in these release candidate versions:\n\n BIND 9 version 9.9.10rc3\n BIND 9 version 9.10.5rc3\n BIND 9 version 9.11.1rc3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME",
"workarounds": [
{
"lang": "en",
"value": "None known."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2017-03-12T00:00:00.000Z",
"ID": "CVE-2017-3137",
"STATE": "PUBLIC",
"TITLE": "A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_value": "9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, and 9.9.9-S8"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, and 9.9.9-S8."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A server which is performing recursion can be forced to exit with an assertion failure if it can be caused to receive a response containing CNAME or DNAME resource records with certain ordering. An attacker can cause a denial of service by exploiting this condition. Recursive resolvers are at highest risk but authoritative servers are theoretically vulnerable if they perform recursion."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1095",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "GLSA-201708-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "1038258",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038258"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180802-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"name": "1040195",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040195"
},
{
"name": "RHSA-2017:1582",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1582"
},
{
"name": "DSA-3854",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "RHSA-2017:1583",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1583"
},
{
"name": "97651",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97651"
},
{
"name": "RHSA-2017:1105",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"name": "https://kb.isc.org/docs/aa-01466",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01466"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P8\n BIND 9 version 9.10.4-P8\n BIND 9 version 9.11.0-P5\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S10\n\nNew maintenance releases of BIND are also scheduled which contain the fix for this vulnerability. In addition to the security releases listed above, fixes for this vulnerability are also included in these release candidate versions:\n\n BIND 9 version 9.9.10rc3\n BIND 9 version 9.10.5rc3\n BIND 9 version 9.11.1rc3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "None known."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2017-3137",
"datePublished": "2019-01-16T20:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-17T01:02:07.037Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3145 (GCVE-0-2017-3145)
Vulnerability from cvelistv5 – Published: 2019-01-16 20:00 – Updated: 2024-09-17 00:10
VLAI?
Summary
BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1.
Severity ?
7.5 (High)
CWE
- While this bug has existed in BIND since 9.0.0, there are no known code paths leading to it in ISC releases prior to those containing the fix for CVE-2017-3137. Thus while all instances of BIND ought to be patched, only ISC versions [9.9.9-P8 to 9.9.11, 9.10.4-P8 to 9.10.6, 9.11.0-P5 to 9.11.2, 9.9.9-S10 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, and 9.12.0a1 to 9.12.0rc1] acting as DNSSEC validating resolvers are currently known to crash due to this bug. The known crash is an assertion failure in netaddr.c.
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Impacted products
Credits
ISC would like to thank Jayachandran Palanisamy of Cygate AB for making us aware of this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.228Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:0102",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0102"
},
{
"name": "RHSA-2018:0487",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0487"
},
{
"name": "DSA-4089",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4089"
},
{
"name": "RHSA-2018:0488",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0488"
},
{
"name": "RHSA-2018:0101",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0101"
},
{
"name": "1040195",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040195"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01542"
},
{
"name": "102716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102716"
},
{
"name": "[debian-lts-announce] 20180121 [SECURITY] [DLA 1255-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0003/"
},
{
"tags": [
"vendor-advisory",
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank Jayachandran Palanisamy of Cygate AB for making us aware of this vulnerability."
}
],
"datePublic": "2018-01-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "While this bug has existed in BIND since 9.0.0, there are no known code paths leading to it in ISC releases prior to those containing the fix for CVE-2017-3137. Thus while all instances of BIND ought to be patched, only ISC versions [9.9.9-P8 to 9.9.11, 9.10.4-P8 to 9.10.6, 9.11.0-P5 to 9.11.2, 9.9.9-S10 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, and 9.12.0a1 to 9.12.0rc1] acting as DNSSEC validating resolvers are currently known to crash due to this bug. The known crash is an assertion failure in netaddr.c.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-16T16:28:34.033Z",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "RHSA-2018:0102",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0102"
},
{
"name": "RHSA-2018:0487",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0487"
},
{
"name": "DSA-4089",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4089"
},
{
"name": "RHSA-2018:0488",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0488"
},
{
"name": "RHSA-2018:0101",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0101"
},
{
"name": "1040195",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040195"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01542"
},
{
"name": "102716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102716"
},
{
"name": "[debian-lts-announce] 20180121 [SECURITY] [DLA 1255-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0003/"
},
{
"tags": [
"vendor-advisory",
"x_refsource_CONFIRM"
],
"url": "https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.11-P1\n BIND 9 version 9.10.6-P1\n BIND 9 version 9.11.2-P1\n BIND 9 version 9.12.0rc2\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.11-S2\n BIND 9 version 9.10.6-S2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper fetch cleanup sequencing in the resolver can cause named to crash",
"workarounds": [
{
"lang": "en",
"value": "If an operator is experiencing crashes due to this, temporarily disabling DNSSEC validation can be used to avoid the known problematic code path while replacement builds are prepared."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2018-01-16T00:00:00.000Z",
"ID": "CVE-2017-3145",
"STATE": "PUBLIC",
"TITLE": "Improper fetch cleanup sequencing in the resolver can cause named to crash"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_value": "9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Jayachandran Palanisamy of Cygate AB for making us aware of this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "While this bug has existed in BIND since 9.0.0, there are no known code paths leading to it in ISC releases prior to those containing the fix for CVE-2017-3137. Thus while all instances of BIND ought to be patched, only ISC versions [9.9.9-P8 to 9.9.11, 9.10.4-P8 to 9.10.6, 9.11.0-P5 to 9.11.2, 9.9.9-S10 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, and 9.12.0a1 to 9.12.0rc1] acting as DNSSEC validating resolvers are currently known to crash due to this bug. The known crash is an assertion failure in netaddr.c."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:0102",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0102"
},
{
"name": "RHSA-2018:0487",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0487"
},
{
"name": "DSA-4089",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4089"
},
{
"name": "RHSA-2018:0488",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0488"
},
{
"name": "RHSA-2018:0101",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0101"
},
{
"name": "1040195",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040195"
},
{
"name": "https://kb.isc.org/docs/aa-01542",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01542"
},
{
"name": "102716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102716"
},
{
"name": "[debian-lts-announce] 20180121 [SECURITY] [DLA 1255-1] bind9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180117-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180117-0003/"
},
{
"name": "https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named",
"refsource": "CONFIRM",
"url": "https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.11-P1\n BIND 9 version 9.10.6-P1\n BIND 9 version 9.11.2-P1\n BIND 9 version 9.12.0rc2\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.11-S2\n BIND 9 version 9.10.6-S2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "If an operator is experiencing crashes due to this, temporarily disabling DNSSEC validation can be used to avoid the known problematic code path while replacement builds are prepared."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2017-3145",
"datePublished": "2019-01-16T20:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-17T00:10:46.349Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9778 (GCVE-0-2016-9778)
Vulnerability from cvelistv5 – Published: 2019-01-16 20:00 – Updated: 2024-09-16 20:01
VLAI?
Summary
An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met the criteria for the vulnerability and if the attacker could cause it to accept a query that possessed the required attributes. Please note: This vulnerability affects the "nxdomain-redirect" feature, which is one of two methods of handling NXDOMAIN redirection, and is only available in certain versions of BIND. Redirection using zones of type "redirect" is not affected by this vulnerability. Affects BIND 9.9.8-S1 -> 9.9.8-S3, 9.9.9-S1 -> 9.9.9-S6, 9.11.0-9.11.0-P1.
Severity ?
7.5 (High)
CWE
- Only servers which are performing NXDOMAIN redirection using the "nxdomain-redirect" function are potentially vulnerable and then only a subset of those servers. In order to be affected a server must be using nxdomain-redirect AND must be redirecting NXDOMAIN responses for a zone for which the server also provides authoritative service -- therefore a purely recursive server is not at risk, either. Successful exploitation of the vulnerability will cause named to stop execution after encountering a REQUIRE assertion failure in db.c, resulting in denial of service to clients.
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:59:03.474Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1037582",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037582"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/article/AA-01442/"
},
{
"name": "95388",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95388"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "BIND 9 9.9.8-S1 -\u003e 9.9.8-S3, 9.9.9-S1 -\u003e 9.9.9-S6, 9.11.0-9.11.0-P1"
}
]
}
],
"datePublic": "2017-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met the criteria for the vulnerability and if the attacker could cause it to accept a query that possessed the required attributes. Please note: This vulnerability affects the \"nxdomain-redirect\" feature, which is one of two methods of handling NXDOMAIN redirection, and is only available in certain versions of BIND. Redirection using zones of type \"redirect\" is not affected by this vulnerability. Affects BIND 9.9.8-S1 -\u003e 9.9.8-S3, 9.9.9-S1 -\u003e 9.9.9-S6, 9.11.0-9.11.0-P1."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Only servers which are performing NXDOMAIN redirection using the \"nxdomain-redirect\" function are potentially vulnerable and then only a subset of those servers. In order to be affected a server must be using nxdomain-redirect AND must be redirecting NXDOMAIN responses for a zone for which the server also provides authoritative service -- therefore a purely recursive server is not at risk, either. Successful exploitation of the vulnerability will cause named to stop execution after encountering a REQUIRE assertion failure in db.c, resulting in denial of service to clients.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-17T10:57:01",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "1037582",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037582"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/article/AA-01442/"
},
{
"name": "95388",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95388"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.11.0-P2\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9.9.9-S7"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "An error handling certain queries using the nxdomain-redirect feature could cause a REQUIRE assertion failure in db.c",
"workarounds": [
{
"lang": "en",
"value": "Either provide an ordinary (that is: not redirected) NXDOMAIN for non-existent resource records in zones for which authoritative data is served on the same server or use redirect zones instead of the nxdomain-redirect feature."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2017-01-11T00:00:00.000Z",
"ID": "CVE-2016-9778",
"STATE": "PUBLIC",
"TITLE": "An error handling certain queries using the nxdomain-redirect feature could cause a REQUIRE assertion failure in db.c"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_name": "BIND 9",
"version_value": "9.9.8-S1 -\u003e 9.9.8-S3, 9.9.9-S1 -\u003e 9.9.9-S6, 9.11.0-9.11.0-P1"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met the criteria for the vulnerability and if the attacker could cause it to accept a query that possessed the required attributes. Please note: This vulnerability affects the \"nxdomain-redirect\" feature, which is one of two methods of handling NXDOMAIN redirection, and is only available in certain versions of BIND. Redirection using zones of type \"redirect\" is not affected by this vulnerability. Affects BIND 9.9.8-S1 -\u003e 9.9.8-S3, 9.9.9-S1 -\u003e 9.9.9-S6, 9.11.0-9.11.0-P1."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Only servers which are performing NXDOMAIN redirection using the \"nxdomain-redirect\" function are potentially vulnerable and then only a subset of those servers. In order to be affected a server must be using nxdomain-redirect AND must be redirecting NXDOMAIN responses for a zone for which the server also provides authoritative service -- therefore a purely recursive server is not at risk, either. Successful exploitation of the vulnerability will cause named to stop execution after encountering a REQUIRE assertion failure in db.c, resulting in denial of service to clients."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1037582",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037582"
},
{
"name": "GLSA-201708-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180926-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"name": "https://kb.isc.org/article/AA-01442/",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/article/AA-01442/"
},
{
"name": "95388",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95388"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.11.0-P2\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9.9.9-S7"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Either provide an ordinary (that is: not redirected) NXDOMAIN for non-existent resource records in zones for which authoritative data is served on the same server or use redirect zones instead of the nxdomain-redirect feature."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2016-9778",
"datePublished": "2019-01-16T20:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-16T20:01:47.192Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3138 (GCVE-0-2017-3138)
Vulnerability from cvelistv5 – Published: 2019-01-16 20:00 – Updated: 2024-09-16 22:40
VLAI?
Summary
named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. A regression introduced in a recent feature change has created a situation under which some versions of named can be caused to exit with a REQUIRE assertion failure if they are sent a null command string. Affects BIND 9.9.9->9.9.9-P7, 9.9.10b1->9.9.10rc2, 9.10.4->9.10.4-P7, 9.10.5b1->9.10.5rc2, 9.11.0->9.11.0-P4, 9.11.1b1->9.11.1rc2, 9.9.9-S1->9.9.9-S9.
Severity ?
6.5 (Medium)
CWE
- The BIND control channel is not configured by default, but when configured will accept commands from those IP addresses that are specified in its access control list and/or from clients which present the proper transaction key. Using this defect, an attacker can cause a running server to stop if they can get it to accept control channel input from them. In most instances this is not as bad as it sounds, because existing commands permitted over the control channel (i.e. "rndc stop") can already be given to cause the server to stop. However, BIND 9.11.0 introduced a new option to allow "read only" commands over the command channel. Using this restriction, a server can be configured to limit specified clients to giving control channel commands which return information only (e.g. "rndc status") without affecting the operational state of the server. The defect described in this advisory, however, is not properly stopped by the "read only" restriction, in essence permitting a privilege escalation allowing a client which should only be permitted the limited set of "read only" operations to cause the server to stop execution.
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
Credits
ISC would like to thank Mike Lalumiere of Dyn, Inc., for bringing this issue to our attention.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038260",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038260"
},
{
"name": "97657",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97657"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"name": "DSA-3854",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01471"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "9.9.9-\u003e9.9.9-P7, 9.9.10b1-\u003e9.9.10rc2, 9.10.4-\u003e9.10.4-P7, 9.10.5b1-\u003e9.10.5rc2, 9.11.0-\u003e9.11.0-P4, 9.11.1b1-\u003e9.11.1rc2, 9.9.9-S1-\u003e9.9.9-S9"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank Mike Lalumiere of Dyn, Inc., for bringing this issue to our attention."
}
],
"datePublic": "2017-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. A regression introduced in a recent feature change has created a situation under which some versions of named can be caused to exit with a REQUIRE assertion failure if they are sent a null command string. Affects BIND 9.9.9-\u003e9.9.9-P7, 9.9.10b1-\u003e9.9.10rc2, 9.10.4-\u003e9.10.4-P7, 9.10.5b1-\u003e9.10.5rc2, 9.11.0-\u003e9.11.0-P4, 9.11.1b1-\u003e9.11.1rc2, 9.9.9-S1-\u003e9.9.9-S9."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "The BIND control channel is not configured by default, but when configured will accept commands from those IP addresses that are specified in its access control list and/or from clients which present the proper transaction key. Using this defect, an attacker can cause a running server to stop if they can get it to accept control channel input from them. In most instances this is not as bad as it sounds, because existing commands permitted over the control channel (i.e. \"rndc stop\") can already be given to cause the server to stop.\n\nHowever, BIND 9.11.0 introduced a new option to allow \"read only\" commands over the command channel. Using this restriction, a server can be configured to limit specified clients to giving control channel commands which return information only (e.g. \"rndc status\") without affecting the operational state of the server. The defect described in this advisory, however, is not properly stopped by the \"read only\" restriction, in essence permitting a privilege escalation allowing a client which should only be permitted the limited set of \"read only\" operations to cause the server to stop execution.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-17T10:57:01",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "1038260",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038260"
},
{
"name": "97657",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97657"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"name": "DSA-3854",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01471"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P8\n BIND 9 version 9.10.4-P8\n BIND 9 version 9.11.0-P5\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S10\n\nNew maintenance releases of BIND are also scheduled which contain the fix for this vulnerability. In addition to the security releases listed above, fixes for this vulnerability are also included in these release candidate versions:\n\n BIND 9 version 9.9.10rc3\n BIND 9 version 9.10.5rc3\n BIND 9 version 9.11.1rc3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "named exits with a REQUIRE assertion failure if it receives a null command string on its control channel",
"workarounds": [
{
"lang": "en",
"value": "None. However, in a properly configured server, access to the control channel should already be limited by either network ACLs, TSIG keys, or both."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2017-03-12T00:00:00.000Z",
"ID": "CVE-2017-3138",
"STATE": "PUBLIC",
"TITLE": "named exits with a REQUIRE assertion failure if it receives a null command string on its control channel"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_value": "9.9.9-\u003e9.9.9-P7, 9.9.10b1-\u003e9.9.10rc2, 9.10.4-\u003e9.10.4-P7, 9.10.5b1-\u003e9.10.5rc2, 9.11.0-\u003e9.11.0-P4, 9.11.1b1-\u003e9.11.1rc2, 9.9.9-S1-\u003e9.9.9-S9"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Mike Lalumiere of Dyn, Inc., for bringing this issue to our attention."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. A regression introduced in a recent feature change has created a situation under which some versions of named can be caused to exit with a REQUIRE assertion failure if they are sent a null command string. Affects BIND 9.9.9-\u003e9.9.9-P7, 9.9.10b1-\u003e9.9.10rc2, 9.10.4-\u003e9.10.4-P7, 9.10.5b1-\u003e9.10.5rc2, 9.11.0-\u003e9.11.0-P4, 9.11.1b1-\u003e9.11.1rc2, 9.9.9-S1-\u003e9.9.9-S9."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "The BIND control channel is not configured by default, but when configured will accept commands from those IP addresses that are specified in its access control list and/or from clients which present the proper transaction key. Using this defect, an attacker can cause a running server to stop if they can get it to accept control channel input from them. In most instances this is not as bad as it sounds, because existing commands permitted over the control channel (i.e. \"rndc stop\") can already be given to cause the server to stop.\n\nHowever, BIND 9.11.0 introduced a new option to allow \"read only\" commands over the command channel. Using this restriction, a server can be configured to limit specified clients to giving control channel commands which return information only (e.g. \"rndc status\") without affecting the operational state of the server. The defect described in this advisory, however, is not properly stopped by the \"read only\" restriction, in essence permitting a privilege escalation allowing a client which should only be permitted the limited set of \"read only\" operations to cause the server to stop execution."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038260",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038260"
},
{
"name": "97657",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97657"
},
{
"name": "GLSA-201708-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180802-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"name": "DSA-3854",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "https://kb.isc.org/docs/aa-01471",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01471"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P8\n BIND 9 version 9.10.4-P8\n BIND 9 version 9.11.0-P5\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S10\n\nNew maintenance releases of BIND are also scheduled which contain the fix for this vulnerability. In addition to the security releases listed above, fixes for this vulnerability are also included in these release candidate versions:\n\n BIND 9 version 9.9.10rc3\n BIND 9 version 9.10.5rc3\n BIND 9 version 9.11.1rc3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "None. However, in a properly configured server, access to the control channel should already be limited by either network ACLs, TSIG keys, or both."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2017-3138",
"datePublished": "2019-01-16T20:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-16T22:40:54.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-5736 (GCVE-0-2018-5736)
Vulnerability from cvelistv5 – Published: 2019-01-16 20:00 – Updated: 2024-08-05 05:40
VLAI?
Summary
An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. This defect could be deliberately exercised by an attacker who is permitted to cause a vulnerable server to initiate zone transfers (for example: by sending valid NOTIFY messages), causing the named process to exit after failing the assertion test. Affects BIND 9.12.0 and 9.12.1.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:40:51.229Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104386",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104386"
},
{
"name": "1040941",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040941"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0004/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01602"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-05-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. This defect could be deliberately exercised by an attacker who is permitted to cause a vulnerable server to initiate zone transfers (for example: by sending valid NOTIFY messages), causing the named process to exit after failing the assertion test. Affects BIND 9.12.0 and 9.12.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-17T10:57:01",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "104386",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104386"
},
{
"name": "1040941",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040941"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0004/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01602"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"ID": "CVE-2018-5736",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. This defect could be deliberately exercised by an attacker who is permitted to cause a vulnerable server to initiate zone transfers (for example: by sending valid NOTIFY messages), causing the named process to exit after failing the assertion test. Affects BIND 9.12.0 and 9.12.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104386",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104386"
},
{
"name": "1040941",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040941"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180926-0004/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180926-0004/"
},
{
"name": "https://kb.isc.org/docs/aa-01602",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01602"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2018-5736",
"datePublished": "2019-01-16T20:00:00",
"dateReserved": "2018-01-17T00:00:00",
"dateUpdated": "2024-08-05T05:40:51.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-5734 (GCVE-0-2018-5734)
Vulnerability from nvd – Published: 2019-01-16 20:00 – Updated: 2024-09-17 02:31
VLAI?
Summary
While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2.
Severity ?
7.5 (High)
CWE
- Servers running the affected versions (9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, and 9.10.6-S2) are vulnerable if they allow recursion, unless the SERVFAIL cache is disabled for the receiving view.
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:40:51.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01562"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"name": "103189",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103189"
},
{
"name": "1040438",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040438"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2"
}
]
}
],
"datePublic": "2018-02-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn\u0027t contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Servers running the affected versions (9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, and 9.10.6-S2) are vulnerable if they allow recursion, unless the SERVFAIL cache is disabled for the receiving view.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-17T10:57:01",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01562"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"name": "103189",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103189"
},
{
"name": "1040438",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040438"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release.\n\n No publicly released versions of BIND are affected\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.10.6-S3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "A malformed request can trigger an assertion failure in badcache.c",
"workarounds": [
{
"lang": "en",
"value": "Disabling the SERVFAIL cache with \u0027servfail-ttl 0;\u0027 will prevent taking the code path that leads to the assertion failure."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2018-02-28T00:00:00.000Z",
"ID": "CVE-2018-5734",
"STATE": "PUBLIC",
"TITLE": "A malformed request can trigger an assertion failure in badcache.c"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_value": "9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn\u0027t contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Servers running the affected versions (9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, and 9.10.6-S2) are vulnerable if they allow recursion, unless the SERVFAIL cache is disabled for the receiving view."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.isc.org/docs/aa-01562",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01562"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180926-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"name": "103189",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103189"
},
{
"name": "1040438",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040438"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release.\n\n No publicly released versions of BIND are affected\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.10.6-S3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Disabling the SERVFAIL cache with \u0027servfail-ttl 0;\u0027 will prevent taking the code path that leads to the assertion failure."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2018-5734",
"datePublished": "2019-01-16T20:00:00Z",
"dateReserved": "2018-01-17T00:00:00",
"dateUpdated": "2024-09-17T02:31:46.321Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3140 (GCVE-0-2017-3140)
Vulnerability from nvd – Published: 2019-01-16 20:00 – Updated: 2024-09-17 04:10
VLAI?
Summary
If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0->9.11.1, 9.9.10-S1, 9.10.5-S1.
Severity ?
CWE
- A server is potentially vulnerable to degradation of service if the server is configured to use RPZ, the server uses NSDNAME or NSIP policy rules, and an attacker can cause the server to process a specific query Successful exploitation of this condition will cause named to enter a state where it continues to loop while processing the query without ever reaching an end state. While in this state, named repeatedly queries the same sets of authoritative nameservers and this behavior will usually persist indefinitely beyond the normal client query processing timeout. By triggering this condition multiple times, an attacker could cause a deliberate and substantial degradation in service. Operators of servers that meet the above conditions 1. and 2. may also accidentally encounter this defect during normal operation. It is for this reason that the decision was made to issue this advisory despite its low CVSS score.
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
Credits
ISC would like to thank Oli Schacher of Switch for bringing this defect to our attention.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038692",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038692"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "99088",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99088"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03772en_us"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01495"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "9.9.10, 9.10.5, 9.11.0-\u003e9.11.1, 9.9.10-S1, 9.10.5-S1"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank Oli Schacher of Switch for bringing this defect to our attention."
}
],
"datePublic": "2017-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0-\u003e9.11.1, 9.9.10-S1, 9.10.5-S1."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A server is potentially vulnerable to degradation of service if\n\n the server is configured to use RPZ,\n the server uses NSDNAME or NSIP policy rules, and\n an attacker can cause the server to process a specific query\n\nSuccessful exploitation of this condition will cause named to enter a state where it continues to loop while processing the query without ever reaching an end state. While in this state, named repeatedly queries the same sets of authoritative nameservers and this behavior will usually persist indefinitely beyond the normal client query processing timeout. By triggering this condition multiple times, an attacker could cause a deliberate and substantial degradation in service.\n\nOperators of servers that meet the above conditions 1. and 2. may also accidentally encounter this defect during normal operation. It is for this reason that the decision was made to issue this advisory despite its low CVSS score.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-17T10:57:01",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "1038692",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038692"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "99088",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99088"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03772en_us"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01495"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.10-P1\n BIND 9 version 9.10.5-P1\n BIND 9 version 9.11.1-P1\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.10-S2\n BIND 9 version 9.10.5-S2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "An error processing RPZ rules can cause named to loop endlessly after handling a query",
"workarounds": [
{
"lang": "en",
"value": "Only the NSDNAME and NSIP RPZ rule types can cause this condition to occur. You can work around this vulnerability if you are able to express your desired policy while avoiding NSDNAME or NSIP rules, otherwise it is advised that you upgrade to a version which corrects the defect."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2017-06-14T00:00:00.000Z",
"ID": "CVE-2017-3140",
"STATE": "PUBLIC",
"TITLE": "An error processing RPZ rules can cause named to loop endlessly after handling a query"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_value": "9.9.10, 9.10.5, 9.11.0-\u003e9.11.1, 9.9.10-S1, 9.10.5-S1"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Oli Schacher of Switch for bringing this defect to our attention."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0-\u003e9.11.1, 9.9.10-S1, 9.10.5-S1."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A server is potentially vulnerable to degradation of service if\n\n the server is configured to use RPZ,\n the server uses NSDNAME or NSIP policy rules, and\n an attacker can cause the server to process a specific query\n\nSuccessful exploitation of this condition will cause named to enter a state where it continues to loop while processing the query without ever reaching an end state. While in this state, named repeatedly queries the same sets of authoritative nameservers and this behavior will usually persist indefinitely beyond the normal client query processing timeout. By triggering this condition multiple times, an attacker could cause a deliberate and substantial degradation in service.\n\nOperators of servers that meet the above conditions 1. and 2. may also accidentally encounter this defect during normal operation. It is for this reason that the decision was made to issue this advisory despite its low CVSS score."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038692",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038692"
},
{
"name": "GLSA-201708-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "99088",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99088"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03772en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03772en_us"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180926-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180926-0001/"
},
{
"name": "https://kb.isc.org/docs/aa-01495",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01495"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.10-P1\n BIND 9 version 9.10.5-P1\n BIND 9 version 9.11.1-P1\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.10-S2\n BIND 9 version 9.10.5-S2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Only the NSDNAME and NSIP RPZ rule types can cause this condition to occur. You can work around this vulnerability if you are able to express your desired policy while avoiding NSDNAME or NSIP rules, otherwise it is advised that you upgrade to a version which corrects the defect."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2017-3140",
"datePublished": "2019-01-16T20:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-17T04:10:30.985Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3135 (GCVE-0-2017-3135)
Vulnerability from nvd – Published: 2019-01-16 20:00 – Updated: 2024-09-16 17:53
VLAI?
Summary
Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1.
Severity ?
7.5 (High)
CWE
- Servers utilizing both DNS64 and RPZ are potentially susceptible to encountering this condition. When this condition occurs, it will result in either an INSIST assertion failure (and subsequent abort) or an attempt to read through a NULL pointer. On most platforms a NULL pointer read leads to a segmentation fault (SEGFAULT), which causes the process to be terminated. Only servers which are configured to simultaneously use both Response Policy Zones (RPZ) and DNS64 (a method for synthesizing AAAA records from A records) can be affected by this vulnerability.
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
Credits
ISC would like to thank Ramesh Damodaran(Infoblox) and Aliaksandr Shubnik (Infoblox) for reporting the issue and assisting us in the investigation.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.177Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "RHSA-2017:0276",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0276.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"name": "96150",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96150"
},
{
"name": "1037801",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037801"
},
{
"name": "DSA-3795",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-3795"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01453"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "BIND 9 9.8.8, 9.9.3-S1 -\u003e 9.9.9-S7, 9.9.3 -\u003e 9.9.9-P5, 9.9.10b1, 9.10.0 -\u003e 9.10.4-P5, 9.10.5b1, 9.11.0 -\u003e 9.11.0-P2, 9.11.1b1"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "Servers utilizing both DNS64 and RPZ are potentially susceptible to encountering this condition."
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank Ramesh Damodaran(Infoblox) and Aliaksandr Shubnik (Infoblox) for reporting the issue and assisting us in the investigation."
}
],
"datePublic": "2017-02-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -\u003e 9.9.9-S7, 9.9.3 -\u003e 9.9.9-P5, 9.9.10b1, 9.10.0 -\u003e 9.10.4-P5, 9.10.5b1, 9.11.0 -\u003e 9.11.0-P2, 9.11.1b1."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Servers utilizing both DNS64 and RPZ are potentially susceptible to encountering this condition. When this condition occurs, it will result in either an INSIST assertion failure (and subsequent abort) or an attempt to read through a NULL pointer. On most platforms a NULL pointer read leads to a segmentation fault (SEGFAULT), which causes the process to be terminated.\n\nOnly servers which are configured to simultaneously use both Response Policy Zones (RPZ) and DNS64 (a method for synthesizing AAAA records from A records) can be affected by this vulnerability.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-17T10:57:01",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "RHSA-2017:0276",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0276.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"name": "96150",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96150"
},
{
"name": "1037801",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037801"
},
{
"name": "DSA-3795",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-3795"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01453"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P6\n BIND 9 version 9.10.4-P6\n BIND 9 version 9.11.0-P3\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S8"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Combination of DNS64 and RPZ Can Lead to Crash",
"workarounds": [
{
"lang": "en",
"value": "While it is possible to avoid the condition by removing either DNS64 or RPZ from the configuration, or by carefully restricting the contents of the policy zone, for an affected configuration the most practical and safest course of action is to upgrade to a version of BIND without this vulnerability."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2017-02-08T00:00:00.000Z",
"ID": "CVE-2017-3135",
"STATE": "PUBLIC",
"TITLE": "Combination of DNS64 and RPZ Can Lead to Crash"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_name": "BIND 9",
"version_value": "9.8.8, 9.9.3-S1 -\u003e 9.9.9-S7, 9.9.3 -\u003e 9.9.9-P5, 9.9.10b1, 9.10.0 -\u003e 9.10.4-P5, 9.10.5b1, 9.11.0 -\u003e 9.11.0-P2, 9.11.1b1"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "Servers utilizing both DNS64 and RPZ are potentially susceptible to encountering this condition."
}
],
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Ramesh Damodaran(Infoblox) and Aliaksandr Shubnik (Infoblox) for reporting the issue and assisting us in the investigation."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -\u003e 9.9.9-S7, 9.9.3 -\u003e 9.9.9-P5, 9.9.10b1, 9.10.0 -\u003e 9.10.4-P5, 9.10.5b1, 9.11.0 -\u003e 9.11.0-P2, 9.11.1b1."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Servers utilizing both DNS64 and RPZ are potentially susceptible to encountering this condition. When this condition occurs, it will result in either an INSIST assertion failure (and subsequent abort) or an attempt to read through a NULL pointer. On most platforms a NULL pointer read leads to a segmentation fault (SEGFAULT), which causes the process to be terminated.\n\nOnly servers which are configured to simultaneously use both Response Policy Zones (RPZ) and DNS64 (a method for synthesizing AAAA records from A records) can be affected by this vulnerability."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201708-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "RHSA-2017:0276",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0276.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180926-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"name": "96150",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96150"
},
{
"name": "1037801",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037801"
},
{
"name": "DSA-3795",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-3795"
},
{
"name": "https://kb.isc.org/docs/aa-01453",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01453"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P6\n BIND 9 version 9.10.4-P6\n BIND 9 version 9.11.0-P3\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S8"
}
],
"source": {
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "While it is possible to avoid the condition by removing either DNS64 or RPZ from the configuration, or by carefully restricting the contents of the policy zone, for an affected configuration the most practical and safest course of action is to upgrade to a version of BIND without this vulnerability."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2017-3135",
"datePublished": "2019-01-16T20:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-16T17:53:49.488Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-5740 (GCVE-0-2018-5740)
Vulnerability from nvd – Published: 2019-01-16 20:00 – Updated: 2024-09-16 17:58
VLAI?
Summary
"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.
Severity ?
7.5 (High)
CWE
- Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients.
- Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients. Only servers which have explicitly enabled the "deny-answer-aliases" feature are at risk and disabling the feature prevents exploitation.
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
Impacted products
Credits
ISC would like to thank Tony Finch of the University of Cambridge for reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:40:51.365Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105055",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105055"
},
{
"name": "[debian-lts-announce] 20180830 [SECURITY] [DLA 1485-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html"
},
{
"name": "RHSA-2018:2570",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2570"
},
{
"name": "RHSA-2018:2571",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2571"
},
{
"name": "USN-3769-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3769-2/"
},
{
"name": "1041436",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041436"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0003/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01639"
},
{
"name": "USN-3769-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3769-1/"
},
{
"name": "GLSA-201903-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201903-13"
},
{
"name": "openSUSE-SU-2019:1533",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html"
},
{
"name": "openSUSE-SU-2019:1532",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us"
},
{
"name": "[debian-lts-announce] 20211102 [SECURITY] [DLA 2807-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "BIND 9 9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "Only servers which have explicitly enabled the \"deny-answer-aliases\" feature are at risk and disabling the feature prevents exploitation."
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank Tony Finch of the University of Cambridge for reporting this issue."
}
],
"datePublic": "2018-08-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "\"deny-answer-aliases\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients.",
"lang": "en",
"type": "text"
},
{
"description": "Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients. Only servers which have explicitly enabled the \"deny-answer-aliases\" feature are at risk and disabling the feature prevents exploitation.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-02T03:06:16",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "105055",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105055"
},
{
"name": "[debian-lts-announce] 20180830 [SECURITY] [DLA 1485-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html"
},
{
"name": "RHSA-2018:2570",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2570"
},
{
"name": "RHSA-2018:2571",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2571"
},
{
"name": "USN-3769-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3769-2/"
},
{
"name": "1041436",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041436"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0003/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01639"
},
{
"name": "USN-3769-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3769-1/"
},
{
"name": "GLSA-201903-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201903-13"
},
{
"name": "openSUSE-SU-2019:1533",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html"
},
{
"name": "openSUSE-SU-2019:1532",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us"
},
{
"name": "[debian-lts-announce] 20211102 [SECURITY] [DLA 2807-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html"
}
],
"solutions": [
{
"lang": "en",
"value": "Most operators will not need to make any changes unless they are using the \"deny-answer-aliases\" feature (which is described in the BIND 9 Adminstrator Reference Manual section 6.2.) \"deny-answer-aliases\" is off by default; only configurations which explicitly enable it can be affected by this defect.\n\nIf you are using \"deny-answer-aliases\", upgrade to the patched release most closely related to your current version of BIND.\n\n 9.9.13-P1\n 9.10.8-P1\n 9.11.4-P1\n 9.12.2-P1\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n 9.11.3-S3"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "A flaw in the \"deny-answer-aliases\" feature can cause an assertion failure in named",
"workarounds": [
{
"lang": "en",
"value": "This vulnerability can be avoided by disabling the \"deny-answer-aliases\" feature if it is in use."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2018-08-08T08:00:00.000Z",
"ID": "CVE-2018-5740",
"STATE": "PUBLIC",
"TITLE": "A flaw in the \"deny-answer-aliases\" feature can cause an assertion failure in named"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_name": "BIND 9",
"version_value": "9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "Only servers which have explicitly enabled the \"deny-answer-aliases\" feature are at risk and disabling the feature prevents exploitation."
}
],
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Tony Finch of the University of Cambridge for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "\"deny-answer-aliases\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients."
},
{
"lang": "eng",
"value": "Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients. Only servers which have explicitly enabled the \"deny-answer-aliases\" feature are at risk and disabling the feature prevents exploitation."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105055",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105055"
},
{
"name": "[debian-lts-announce] 20180830 [SECURITY] [DLA 1485-1] bind9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html"
},
{
"name": "RHSA-2018:2570",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2570"
},
{
"name": "RHSA-2018:2571",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2571"
},
{
"name": "USN-3769-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3769-2/"
},
{
"name": "1041436",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041436"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180926-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180926-0003/"
},
{
"name": "https://kb.isc.org/docs/aa-01639",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01639"
},
{
"name": "USN-3769-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3769-1/"
},
{
"name": "GLSA-201903-13",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201903-13"
},
{
"name": "openSUSE-SU-2019:1533",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html"
},
{
"name": "openSUSE-SU-2019:1532",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us"
},
{
"name": "[debian-lts-announce] 20211102 [SECURITY] [DLA 2807-1] bind9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "Most operators will not need to make any changes unless they are using the \"deny-answer-aliases\" feature (which is described in the BIND 9 Adminstrator Reference Manual section 6.2.) \"deny-answer-aliases\" is off by default; only configurations which explicitly enable it can be affected by this defect.\n\nIf you are using \"deny-answer-aliases\", upgrade to the patched release most closely related to your current version of BIND.\n\n 9.9.13-P1\n 9.10.8-P1\n 9.11.4-P1\n 9.12.2-P1\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n 9.11.3-S3"
}
],
"source": {
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "This vulnerability can be avoided by disabling the \"deny-answer-aliases\" feature if it is in use."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2018-5740",
"datePublished": "2019-01-16T20:00:00Z",
"dateReserved": "2018-01-17T00:00:00",
"dateUpdated": "2024-09-16T17:58:43.029Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3136 (GCVE-0-2017-3136)
Vulnerability from nvd – Published: 2019-01-16 20:00 – Updated: 2024-09-17 00:51
VLAI?
Summary
A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -> 9.8.8-P1, 9.9.0 -> 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.0 -> 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0 -> 9.11.0-P3, 9.11.1b1->9.11.1rc1, 9.9.3-S1 -> 9.9.9-S8.
Severity ?
5.9 (Medium)
CWE
- Servers are at risk if they are configured to use DNS64 and if the option "break-dnssec yes;" is in use.
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Impacted products
Credits
ISC would like to thank Oleg Gorokhov of Yandex for making us aware of this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"name": "DSA-3854",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "1038259",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038259"
},
{
"name": "97653",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97653"
},
{
"name": "RHSA-2017:1105",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01465"
},
{
"name": "openSUSE-SU-2020:1699",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank Oleg Gorokhov of Yandex for making us aware of this vulnerability."
}
],
"datePublic": "2017-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Servers are at risk if they are configured to use DNS64 and if the option \"break-dnssec yes;\" is in use.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-20T11:06:37",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "RHSA-2017:1095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"name": "DSA-3854",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "1038259",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038259"
},
{
"name": "97653",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97653"
},
{
"name": "RHSA-2017:1105",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01465"
},
{
"name": "openSUSE-SU-2020:1699",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P8\n BIND 9 version 9.10.4-P8\n BIND 9 version 9.11.0-P5\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S10\n\nNew maintenance releases of BIND are also scheduled which contain the fix for this vulnerability. In addition to the security releases listed above, fixes for this vulnerability are also included in these release candidate versions:\n\n BIND 9 version 9.9.10rc3\n BIND 9 version 9.10.5rc3\n BIND 9 version 9.11.1rc3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "An error handling synthesized records could cause an assertion failure when using DNS64 with \"break-dnssec yes;\"",
"workarounds": [
{
"lang": "en",
"value": "Servers which have configurations which require DNS64 and \"break-dnssec yes;\" should upgrade. Servers which are not using these features in conjunction are not at risk from this defect."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2017-03-12T00:00:00.000Z",
"ID": "CVE-2017-3136",
"STATE": "PUBLIC",
"TITLE": "An error handling synthesized records could cause an assertion failure when using DNS64 with \"break-dnssec yes;\""
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_value": "9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Oleg Gorokhov of Yandex for making us aware of this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -\u003e 9.8.8-P1, 9.9.0 -\u003e 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.0 -\u003e 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0 -\u003e 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, 9.9.3-S1 -\u003e 9.9.9-S8."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Servers are at risk if they are configured to use DNS64 and if the option \"break-dnssec yes;\" is in use."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1095",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "GLSA-201708-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180802-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03747en_us"
},
{
"name": "DSA-3854",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "1038259",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038259"
},
{
"name": "97653",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97653"
},
{
"name": "RHSA-2017:1105",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"name": "https://kb.isc.org/docs/aa-01465",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01465"
},
{
"name": "openSUSE-SU-2020:1699",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
},
{
"name": "openSUSE-SU-2020:1701",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P8\n BIND 9 version 9.10.4-P8\n BIND 9 version 9.11.0-P5\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S10\n\nNew maintenance releases of BIND are also scheduled which contain the fix for this vulnerability. In addition to the security releases listed above, fixes for this vulnerability are also included in these release candidate versions:\n\n BIND 9 version 9.9.10rc3\n BIND 9 version 9.10.5rc3\n BIND 9 version 9.11.1rc3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Servers which have configurations which require DNS64 and \"break-dnssec yes;\" should upgrade. Servers which are not using these features in conjunction are not at risk from this defect."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2017-3136",
"datePublished": "2019-01-16T20:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-17T00:51:35.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3137 (GCVE-0-2017-3137)
Vulnerability from nvd – Published: 2019-01-16 20:00 – Updated: 2024-09-17 01:02
VLAI?
Summary
Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0-P3, 9.11.1b1->9.11.1rc1, and 9.9.9-S8.
Severity ?
7.5 (High)
CWE
- A server which is performing recursion can be forced to exit with an assertion failure if it can be caused to receive a response containing CNAME or DNAME resource records with certain ordering. An attacker can cause a denial of service by exploiting this condition. Recursive resolvers are at highest risk but authoritative servers are theoretically vulnerable if they perform recursion.
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:1095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "1038258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038258"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"name": "1040195",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040195"
},
{
"name": "RHSA-2017:1582",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1582"
},
{
"name": "DSA-3854",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "RHSA-2017:1583",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1583"
},
{
"name": "97651",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97651"
},
{
"name": "RHSA-2017:1105",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01466"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, and 9.9.9-S8"
}
]
}
],
"datePublic": "2017-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, and 9.9.9-S8."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A server which is performing recursion can be forced to exit with an assertion failure if it can be caused to receive a response containing CNAME or DNAME resource records with certain ordering. An attacker can cause a denial of service by exploiting this condition. Recursive resolvers are at highest risk but authoritative servers are theoretically vulnerable if they perform recursion.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-17T10:57:01",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "RHSA-2017:1095",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "1038258",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038258"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"name": "1040195",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040195"
},
{
"name": "RHSA-2017:1582",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1582"
},
{
"name": "DSA-3854",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "RHSA-2017:1583",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1583"
},
{
"name": "97651",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97651"
},
{
"name": "RHSA-2017:1105",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01466"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P8\n BIND 9 version 9.10.4-P8\n BIND 9 version 9.11.0-P5\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S10\n\nNew maintenance releases of BIND are also scheduled which contain the fix for this vulnerability. In addition to the security releases listed above, fixes for this vulnerability are also included in these release candidate versions:\n\n BIND 9 version 9.9.10rc3\n BIND 9 version 9.10.5rc3\n BIND 9 version 9.11.1rc3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME",
"workarounds": [
{
"lang": "en",
"value": "None known."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2017-03-12T00:00:00.000Z",
"ID": "CVE-2017-3137",
"STATE": "PUBLIC",
"TITLE": "A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_value": "9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, and 9.9.9-S8"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1-\u003e9.9.10rc1, 9.10.4-P6, 9.10.5b1-\u003e9.10.5rc1, 9.11.0-P3, 9.11.1b1-\u003e9.11.1rc1, and 9.9.9-S8."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A server which is performing recursion can be forced to exit with an assertion failure if it can be caused to receive a response containing CNAME or DNAME resource records with certain ordering. An attacker can cause a denial of service by exploiting this condition. Recursive resolvers are at highest risk but authoritative servers are theoretically vulnerable if they perform recursion."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:1095",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1095"
},
{
"name": "GLSA-201708-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "1038258",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038258"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180802-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"name": "1040195",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040195"
},
{
"name": "RHSA-2017:1582",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1582"
},
{
"name": "DSA-3854",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "RHSA-2017:1583",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1583"
},
{
"name": "97651",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97651"
},
{
"name": "RHSA-2017:1105",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1105"
},
{
"name": "https://kb.isc.org/docs/aa-01466",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01466"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P8\n BIND 9 version 9.10.4-P8\n BIND 9 version 9.11.0-P5\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S10\n\nNew maintenance releases of BIND are also scheduled which contain the fix for this vulnerability. In addition to the security releases listed above, fixes for this vulnerability are also included in these release candidate versions:\n\n BIND 9 version 9.9.10rc3\n BIND 9 version 9.10.5rc3\n BIND 9 version 9.11.1rc3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "None known."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2017-3137",
"datePublished": "2019-01-16T20:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-17T01:02:07.037Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3145 (GCVE-0-2017-3145)
Vulnerability from nvd – Published: 2019-01-16 20:00 – Updated: 2024-09-17 00:10
VLAI?
Summary
BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1.
Severity ?
7.5 (High)
CWE
- While this bug has existed in BIND since 9.0.0, there are no known code paths leading to it in ISC releases prior to those containing the fix for CVE-2017-3137. Thus while all instances of BIND ought to be patched, only ISC versions [9.9.9-P8 to 9.9.11, 9.10.4-P8 to 9.10.6, 9.11.0-P5 to 9.11.2, 9.9.9-S10 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, and 9.12.0a1 to 9.12.0rc1] acting as DNSSEC validating resolvers are currently known to crash due to this bug. The known crash is an assertion failure in netaddr.c.
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Impacted products
Credits
ISC would like to thank Jayachandran Palanisamy of Cygate AB for making us aware of this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.228Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:0102",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0102"
},
{
"name": "RHSA-2018:0487",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0487"
},
{
"name": "DSA-4089",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4089"
},
{
"name": "RHSA-2018:0488",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0488"
},
{
"name": "RHSA-2018:0101",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0101"
},
{
"name": "1040195",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040195"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01542"
},
{
"name": "102716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102716"
},
{
"name": "[debian-lts-announce] 20180121 [SECURITY] [DLA 1255-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0003/"
},
{
"tags": [
"vendor-advisory",
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank Jayachandran Palanisamy of Cygate AB for making us aware of this vulnerability."
}
],
"datePublic": "2018-01-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "While this bug has existed in BIND since 9.0.0, there are no known code paths leading to it in ISC releases prior to those containing the fix for CVE-2017-3137. Thus while all instances of BIND ought to be patched, only ISC versions [9.9.9-P8 to 9.9.11, 9.10.4-P8 to 9.10.6, 9.11.0-P5 to 9.11.2, 9.9.9-S10 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, and 9.12.0a1 to 9.12.0rc1] acting as DNSSEC validating resolvers are currently known to crash due to this bug. The known crash is an assertion failure in netaddr.c.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-16T16:28:34.033Z",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "RHSA-2018:0102",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0102"
},
{
"name": "RHSA-2018:0487",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0487"
},
{
"name": "DSA-4089",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4089"
},
{
"name": "RHSA-2018:0488",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0488"
},
{
"name": "RHSA-2018:0101",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0101"
},
{
"name": "1040195",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040195"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01542"
},
{
"name": "102716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102716"
},
{
"name": "[debian-lts-announce] 20180121 [SECURITY] [DLA 1255-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0003/"
},
{
"tags": [
"vendor-advisory",
"x_refsource_CONFIRM"
],
"url": "https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.11-P1\n BIND 9 version 9.10.6-P1\n BIND 9 version 9.11.2-P1\n BIND 9 version 9.12.0rc2\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.11-S2\n BIND 9 version 9.10.6-S2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper fetch cleanup sequencing in the resolver can cause named to crash",
"workarounds": [
{
"lang": "en",
"value": "If an operator is experiencing crashes due to this, temporarily disabling DNSSEC validation can be used to avoid the known problematic code path while replacement builds are prepared."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2018-01-16T00:00:00.000Z",
"ID": "CVE-2017-3145",
"STATE": "PUBLIC",
"TITLE": "Improper fetch cleanup sequencing in the resolver can cause named to crash"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_value": "9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Jayachandran Palanisamy of Cygate AB for making us aware of this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "While this bug has existed in BIND since 9.0.0, there are no known code paths leading to it in ISC releases prior to those containing the fix for CVE-2017-3137. Thus while all instances of BIND ought to be patched, only ISC versions [9.9.9-P8 to 9.9.11, 9.10.4-P8 to 9.10.6, 9.11.0-P5 to 9.11.2, 9.9.9-S10 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, and 9.12.0a1 to 9.12.0rc1] acting as DNSSEC validating resolvers are currently known to crash due to this bug. The known crash is an assertion failure in netaddr.c."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:0102",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0102"
},
{
"name": "RHSA-2018:0487",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0487"
},
{
"name": "DSA-4089",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4089"
},
{
"name": "RHSA-2018:0488",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0488"
},
{
"name": "RHSA-2018:0101",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0101"
},
{
"name": "1040195",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040195"
},
{
"name": "https://kb.isc.org/docs/aa-01542",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01542"
},
{
"name": "102716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102716"
},
{
"name": "[debian-lts-announce] 20180121 [SECURITY] [DLA 1255-1] bind9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180117-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180117-0003/"
},
{
"name": "https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named",
"refsource": "CONFIRM",
"url": "https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.11-P1\n BIND 9 version 9.10.6-P1\n BIND 9 version 9.11.2-P1\n BIND 9 version 9.12.0rc2\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.11-S2\n BIND 9 version 9.10.6-S2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "If an operator is experiencing crashes due to this, temporarily disabling DNSSEC validation can be used to avoid the known problematic code path while replacement builds are prepared."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2017-3145",
"datePublished": "2019-01-16T20:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-17T00:10:46.349Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-9778 (GCVE-0-2016-9778)
Vulnerability from nvd – Published: 2019-01-16 20:00 – Updated: 2024-09-16 20:01
VLAI?
Summary
An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met the criteria for the vulnerability and if the attacker could cause it to accept a query that possessed the required attributes. Please note: This vulnerability affects the "nxdomain-redirect" feature, which is one of two methods of handling NXDOMAIN redirection, and is only available in certain versions of BIND. Redirection using zones of type "redirect" is not affected by this vulnerability. Affects BIND 9.9.8-S1 -> 9.9.8-S3, 9.9.9-S1 -> 9.9.9-S6, 9.11.0-9.11.0-P1.
Severity ?
7.5 (High)
CWE
- Only servers which are performing NXDOMAIN redirection using the "nxdomain-redirect" function are potentially vulnerable and then only a subset of those servers. In order to be affected a server must be using nxdomain-redirect AND must be redirecting NXDOMAIN responses for a zone for which the server also provides authoritative service -- therefore a purely recursive server is not at risk, either. Successful exploitation of the vulnerability will cause named to stop execution after encountering a REQUIRE assertion failure in db.c, resulting in denial of service to clients.
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:59:03.474Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1037582",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037582"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/article/AA-01442/"
},
{
"name": "95388",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95388"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "BIND 9 9.9.8-S1 -\u003e 9.9.8-S3, 9.9.9-S1 -\u003e 9.9.9-S6, 9.11.0-9.11.0-P1"
}
]
}
],
"datePublic": "2017-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met the criteria for the vulnerability and if the attacker could cause it to accept a query that possessed the required attributes. Please note: This vulnerability affects the \"nxdomain-redirect\" feature, which is one of two methods of handling NXDOMAIN redirection, and is only available in certain versions of BIND. Redirection using zones of type \"redirect\" is not affected by this vulnerability. Affects BIND 9.9.8-S1 -\u003e 9.9.8-S3, 9.9.9-S1 -\u003e 9.9.9-S6, 9.11.0-9.11.0-P1."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Only servers which are performing NXDOMAIN redirection using the \"nxdomain-redirect\" function are potentially vulnerable and then only a subset of those servers. In order to be affected a server must be using nxdomain-redirect AND must be redirecting NXDOMAIN responses for a zone for which the server also provides authoritative service -- therefore a purely recursive server is not at risk, either. Successful exploitation of the vulnerability will cause named to stop execution after encountering a REQUIRE assertion failure in db.c, resulting in denial of service to clients.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-17T10:57:01",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "1037582",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037582"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/article/AA-01442/"
},
{
"name": "95388",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95388"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.11.0-P2\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9.9.9-S7"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "An error handling certain queries using the nxdomain-redirect feature could cause a REQUIRE assertion failure in db.c",
"workarounds": [
{
"lang": "en",
"value": "Either provide an ordinary (that is: not redirected) NXDOMAIN for non-existent resource records in zones for which authoritative data is served on the same server or use redirect zones instead of the nxdomain-redirect feature."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2017-01-11T00:00:00.000Z",
"ID": "CVE-2016-9778",
"STATE": "PUBLIC",
"TITLE": "An error handling certain queries using the nxdomain-redirect feature could cause a REQUIRE assertion failure in db.c"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_name": "BIND 9",
"version_value": "9.9.8-S1 -\u003e 9.9.8-S3, 9.9.9-S1 -\u003e 9.9.9-S6, 9.11.0-9.11.0-P1"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met the criteria for the vulnerability and if the attacker could cause it to accept a query that possessed the required attributes. Please note: This vulnerability affects the \"nxdomain-redirect\" feature, which is one of two methods of handling NXDOMAIN redirection, and is only available in certain versions of BIND. Redirection using zones of type \"redirect\" is not affected by this vulnerability. Affects BIND 9.9.8-S1 -\u003e 9.9.8-S3, 9.9.9-S1 -\u003e 9.9.9-S6, 9.11.0-9.11.0-P1."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Only servers which are performing NXDOMAIN redirection using the \"nxdomain-redirect\" function are potentially vulnerable and then only a subset of those servers. In order to be affected a server must be using nxdomain-redirect AND must be redirecting NXDOMAIN responses for a zone for which the server also provides authoritative service -- therefore a purely recursive server is not at risk, either. Successful exploitation of the vulnerability will cause named to stop execution after encountering a REQUIRE assertion failure in db.c, resulting in denial of service to clients."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1037582",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037582"
},
{
"name": "GLSA-201708-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180926-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"name": "https://kb.isc.org/article/AA-01442/",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/article/AA-01442/"
},
{
"name": "95388",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95388"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.11.0-P2\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9.9.9-S7"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Either provide an ordinary (that is: not redirected) NXDOMAIN for non-existent resource records in zones for which authoritative data is served on the same server or use redirect zones instead of the nxdomain-redirect feature."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2016-9778",
"datePublished": "2019-01-16T20:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-16T20:01:47.192Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-3138 (GCVE-0-2017-3138)
Vulnerability from nvd – Published: 2019-01-16 20:00 – Updated: 2024-09-16 22:40
VLAI?
Summary
named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. A regression introduced in a recent feature change has created a situation under which some versions of named can be caused to exit with a REQUIRE assertion failure if they are sent a null command string. Affects BIND 9.9.9->9.9.9-P7, 9.9.10b1->9.9.10rc2, 9.10.4->9.10.4-P7, 9.10.5b1->9.10.5rc2, 9.11.0->9.11.0-P4, 9.11.1b1->9.11.1rc2, 9.9.9-S1->9.9.9-S9.
Severity ?
6.5 (Medium)
CWE
- The BIND control channel is not configured by default, but when configured will accept commands from those IP addresses that are specified in its access control list and/or from clients which present the proper transaction key. Using this defect, an attacker can cause a running server to stop if they can get it to accept control channel input from them. In most instances this is not as bad as it sounds, because existing commands permitted over the control channel (i.e. "rndc stop") can already be given to cause the server to stop. However, BIND 9.11.0 introduced a new option to allow "read only" commands over the command channel. Using this restriction, a server can be configured to limit specified clients to giving control channel commands which return information only (e.g. "rndc status") without affecting the operational state of the server. The defect described in this advisory, however, is not properly stopped by the "read only" restriction, in essence permitting a privilege escalation allowing a client which should only be permitted the limited set of "read only" operations to cause the server to stop execution.
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
Credits
ISC would like to thank Mike Lalumiere of Dyn, Inc., for bringing this issue to our attention.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038260",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038260"
},
{
"name": "97657",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97657"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"name": "DSA-3854",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01471"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "9.9.9-\u003e9.9.9-P7, 9.9.10b1-\u003e9.9.10rc2, 9.10.4-\u003e9.10.4-P7, 9.10.5b1-\u003e9.10.5rc2, 9.11.0-\u003e9.11.0-P4, 9.11.1b1-\u003e9.11.1rc2, 9.9.9-S1-\u003e9.9.9-S9"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank Mike Lalumiere of Dyn, Inc., for bringing this issue to our attention."
}
],
"datePublic": "2017-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. A regression introduced in a recent feature change has created a situation under which some versions of named can be caused to exit with a REQUIRE assertion failure if they are sent a null command string. Affects BIND 9.9.9-\u003e9.9.9-P7, 9.9.10b1-\u003e9.9.10rc2, 9.10.4-\u003e9.10.4-P7, 9.10.5b1-\u003e9.10.5rc2, 9.11.0-\u003e9.11.0-P4, 9.11.1b1-\u003e9.11.1rc2, 9.9.9-S1-\u003e9.9.9-S9."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "The BIND control channel is not configured by default, but when configured will accept commands from those IP addresses that are specified in its access control list and/or from clients which present the proper transaction key. Using this defect, an attacker can cause a running server to stop if they can get it to accept control channel input from them. In most instances this is not as bad as it sounds, because existing commands permitted over the control channel (i.e. \"rndc stop\") can already be given to cause the server to stop.\n\nHowever, BIND 9.11.0 introduced a new option to allow \"read only\" commands over the command channel. Using this restriction, a server can be configured to limit specified clients to giving control channel commands which return information only (e.g. \"rndc status\") without affecting the operational state of the server. The defect described in this advisory, however, is not properly stopped by the \"read only\" restriction, in essence permitting a privilege escalation allowing a client which should only be permitted the limited set of \"read only\" operations to cause the server to stop execution.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-17T10:57:01",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "1038260",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038260"
},
{
"name": "97657",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97657"
},
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"name": "DSA-3854",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01471"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P8\n BIND 9 version 9.10.4-P8\n BIND 9 version 9.11.0-P5\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S10\n\nNew maintenance releases of BIND are also scheduled which contain the fix for this vulnerability. In addition to the security releases listed above, fixes for this vulnerability are also included in these release candidate versions:\n\n BIND 9 version 9.9.10rc3\n BIND 9 version 9.10.5rc3\n BIND 9 version 9.11.1rc3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "named exits with a REQUIRE assertion failure if it receives a null command string on its control channel",
"workarounds": [
{
"lang": "en",
"value": "None. However, in a properly configured server, access to the control channel should already be limited by either network ACLs, TSIG keys, or both."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2017-03-12T00:00:00.000Z",
"ID": "CVE-2017-3138",
"STATE": "PUBLIC",
"TITLE": "named exits with a REQUIRE assertion failure if it receives a null command string on its control channel"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_value": "9.9.9-\u003e9.9.9-P7, 9.9.10b1-\u003e9.9.10rc2, 9.10.4-\u003e9.10.4-P7, 9.10.5b1-\u003e9.10.5rc2, 9.11.0-\u003e9.11.0-P4, 9.11.1b1-\u003e9.11.1rc2, 9.9.9-S1-\u003e9.9.9-S9"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Mike Lalumiere of Dyn, Inc., for bringing this issue to our attention."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. A regression introduced in a recent feature change has created a situation under which some versions of named can be caused to exit with a REQUIRE assertion failure if they are sent a null command string. Affects BIND 9.9.9-\u003e9.9.9-P7, 9.9.10b1-\u003e9.9.10rc2, 9.10.4-\u003e9.10.4-P7, 9.10.5b1-\u003e9.10.5rc2, 9.11.0-\u003e9.11.0-P4, 9.11.1b1-\u003e9.11.1rc2, 9.9.9-S1-\u003e9.9.9-S9."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "The BIND control channel is not configured by default, but when configured will accept commands from those IP addresses that are specified in its access control list and/or from clients which present the proper transaction key. Using this defect, an attacker can cause a running server to stop if they can get it to accept control channel input from them. In most instances this is not as bad as it sounds, because existing commands permitted over the control channel (i.e. \"rndc stop\") can already be given to cause the server to stop.\n\nHowever, BIND 9.11.0 introduced a new option to allow \"read only\" commands over the command channel. Using this restriction, a server can be configured to limit specified clients to giving control channel commands which return information only (e.g. \"rndc status\") without affecting the operational state of the server. The defect described in this advisory, however, is not properly stopped by the \"read only\" restriction, in essence permitting a privilege escalation allowing a client which should only be permitted the limited set of \"read only\" operations to cause the server to stop execution."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038260",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038260"
},
{
"name": "97657",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97657"
},
{
"name": "GLSA-201708-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180802-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180802-0002/"
},
{
"name": "DSA-3854",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-3854"
},
{
"name": "https://kb.isc.org/docs/aa-01471",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01471"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P8\n BIND 9 version 9.10.4-P8\n BIND 9 version 9.11.0-P5\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S10\n\nNew maintenance releases of BIND are also scheduled which contain the fix for this vulnerability. In addition to the security releases listed above, fixes for this vulnerability are also included in these release candidate versions:\n\n BIND 9 version 9.9.10rc3\n BIND 9 version 9.10.5rc3\n BIND 9 version 9.11.1rc3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "None. However, in a properly configured server, access to the control channel should already be limited by either network ACLs, TSIG keys, or both."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2017-3138",
"datePublished": "2019-01-16T20:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-16T22:40:54.323Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}