Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-3141 (GCVE-0-2017-3141)
Vulnerability from cvelistv5 – Published: 2019-01-16 20:00 – Updated: 2024-09-16 17:23
VLAI?
EPSS
Summary
The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2->9.2.9, 9.3.2-P1->9.3.6, 9.4.0->9.8.8, 9.9.0->9.9.10, 9.10.0->9.10.5, 9.11.0->9.11.1, 9.9.3-S1->9.9.10-S1, 9.10.5-S1.
Severity ?
7.2 (High)
CWE
- This vulnerability exists in the installer delivered with BIND for Windows and not within BIND itself. Non-Windows builds and installations are unaffected. A manual installation of BIND where the service path is quoted when added would not be at risk.
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
Credits
ISC would like to thank John Page aka hyp3rlinx for reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.229Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01496"
},
{
"name": "1038693",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038693"
},
{
"name": "42121",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/42121/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0001/"
},
{
"name": "99089",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99089"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "9.2.6-P2-\u003e9.2.9, 9.3.2-P1-\u003e9.3.6, 9.4.0-\u003e9.8.8, 9.9.0-\u003e9.9.10, 9.10.0-\u003e9.10.5, 9.11.0-\u003e9.11.1, 9.9.3-S1-\u003e9.9.10-S1, 9.10.5-S1"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank John Page aka hyp3rlinx for reporting this issue."
}
],
"datePublic": "2017-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2-\u003e9.2.9, 9.3.2-P1-\u003e9.3.6, 9.4.0-\u003e9.8.8, 9.9.0-\u003e9.9.10, 9.10.0-\u003e9.10.5, 9.11.0-\u003e9.11.1, 9.9.3-S1-\u003e9.9.10-S1, 9.10.5-S1."
}
],
"exploits": [
{
"lang": "en",
"value": "No known active exploits but this generic weakness is already a well-known attack vector if user file access permissions do not adequately prevent the installation of malicious executables."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "This vulnerability exists in the installer delivered with BIND for Windows and not within BIND itself. Non-Windows builds and installations are unaffected. A manual installation of BIND where the service path is quoted when added would not be at risk.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-17T10:57:01",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "GLSA-201708-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01496"
},
{
"name": "1038693",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038693"
},
{
"name": "42121",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/42121/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0001/"
},
{
"name": "99089",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99089"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.10-P1\n BIND 9 version 9.10.5-P1\n BIND 9 version 9.11.1-P1\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.10-S2\n BIND 9 version 9.10.5-S2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Windows service and uninstall paths are not quoted when BIND is installed",
"workarounds": [
{
"lang": "en",
"value": "BIND installations on Windows are not at risk if the host file permissions prevent creation of a binary in a location where the service executor would run it instead of named.exe."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2017-06-14T00:00:00.000Z",
"ID": "CVE-2017-3141",
"STATE": "PUBLIC",
"TITLE": "Windows service and uninstall paths are not quoted when BIND is installed"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_value": "9.2.6-P2-\u003e9.2.9, 9.3.2-P1-\u003e9.3.6, 9.4.0-\u003e9.8.8, 9.9.0-\u003e9.9.10, 9.10.0-\u003e9.10.5, 9.11.0-\u003e9.11.1, 9.9.3-S1-\u003e9.9.10-S1, 9.10.5-S1"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank John Page aka hyp3rlinx for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2-\u003e9.2.9, 9.3.2-P1-\u003e9.3.6, 9.4.0-\u003e9.8.8, 9.9.0-\u003e9.9.10, 9.10.0-\u003e9.10.5, 9.11.0-\u003e9.11.1, 9.9.3-S1-\u003e9.9.10-S1, 9.10.5-S1."
}
]
},
"exploit": [
{
"lang": "en",
"value": "No known active exploits but this generic weakness is already a well-known attack vector if user file access permissions do not adequately prevent the installation of malicious executables."
}
],
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "This vulnerability exists in the installer delivered with BIND for Windows and not within BIND itself. Non-Windows builds and installations are unaffected. A manual installation of BIND where the service path is quoted when added would not be at risk."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201708-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "https://kb.isc.org/docs/aa-01496",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01496"
},
{
"name": "1038693",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038693"
},
{
"name": "42121",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42121/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180926-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180926-0001/"
},
{
"name": "99089",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99089"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.10-P1\n BIND 9 version 9.10.5-P1\n BIND 9 version 9.11.1-P1\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.10-S2\n BIND 9 version 9.10.5-S2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "BIND installations on Windows are not at risk if the host file permissions prevent creation of a binary in a location where the service executor would run it instead of named.exe."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2017-3141",
"datePublished": "2019-01-16T20:00:00Z",
"dateReserved": "2016-12-02T00:00:00",
"dateUpdated": "2024-09-16T17:23:44.753Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.2.6\", \"versionEndIncluding\": \"9.2.9\", \"matchCriteriaId\": \"880FF52C-CE36-4DE2-8FF7-8FEFCA53854C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.3.2\", \"versionEndIncluding\": \"9.3.6\", \"matchCriteriaId\": \"6756023D-C9EF-460D-A498-F9A3238B3570\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.4.0\", \"versionEndIncluding\": \"9.8.8\", \"matchCriteriaId\": \"343E9DD3-BBEA-4385-9A8E-0675BE74EC43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.9.0\", \"versionEndIncluding\": \"9.9.10\", \"matchCriteriaId\": \"4D75A16E-2EB4-4A10-9B63-AC04755AC1E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.10.0\", \"versionEndIncluding\": \"9.10.5\", \"matchCriteriaId\": \"E8039263-E38B-40B2-B3AA-3673C0DD8318\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.11.0\", \"versionEndIncluding\": \"9.11.1\", \"matchCriteriaId\": \"A8E6E2D9-E137-498C-B175-1CA268B6E551\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.2.6:p2:*:*:*:*:*:*\", \"matchCriteriaId\": \"16C74641-25F0-42CD-9523-5E026CCB716E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:9.3.2:p1:*:*:*:*:*:*\", \"matchCriteriaId\": \"6DC920B0-8C10-4C41-9AAD-C42AA4DF8368\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2-\u003e9.2.9, 9.3.2-P1-\u003e9.3.6, 9.4.0-\u003e9.8.8, 9.9.0-\u003e9.9.10, 9.10.0-\u003e9.10.5, 9.11.0-\u003e9.11.1, 9.9.3-S1-\u003e9.9.10-S1, 9.10.5-S1.\"}, {\"lang\": \"es\", \"value\": \"El instalador de BIND en Windows emplea una ruta de servicio sin entrecomillar que puede permitir que un usuario local logre escalar privilegios si los permisos del sistema host de archivos lo permiten. Afecta a BIND desde la versi\\u00f3n 9.2.6-P2 hasta la 9.2.9, desde la 9.3.2-P1 hasta la 9.3.6, desde la 9.4.0 hasta la 9.8.8, desde la 9.9.0 hasta la 9.9.10, desde la 9.10.0 hasta la 9.10.5, desde la 9.11.0 hasta la 9.11.1, desde la 9.9.3-S1 hasta la 9.9.10-S1 y en la versi\\u00f3n 9.10.5-S1.\"}]",
"id": "CVE-2017-3141",
"lastModified": "2024-11-21T03:24:55.147",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"security-officer@isc.org\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H\", \"baseScore\": 7.2, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.6, \"impactScore\": 6.0}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2019-01-16T20:29:00.503",
"references": "[{\"url\": \"http://www.securityfocus.com/bid/99089\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1038693\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://kb.isc.org/docs/aa-01496\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201708-01\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180926-0001/\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.exploit-db.com/exploits/42121/\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/99089\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1038693\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://kb.isc.org/docs/aa-01496\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201708-01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180926-0001/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.exploit-db.com/exploits/42121/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}]",
"sourceIdentifier": "security-officer@isc.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-428\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-3141\",\"sourceIdentifier\":\"security-officer@isc.org\",\"published\":\"2019-01-16T20:29:00.503\",\"lastModified\":\"2024-11-21T03:24:55.147\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2-\u003e9.2.9, 9.3.2-P1-\u003e9.3.6, 9.4.0-\u003e9.8.8, 9.9.0-\u003e9.9.10, 9.10.0-\u003e9.10.5, 9.11.0-\u003e9.11.1, 9.9.3-S1-\u003e9.9.10-S1, 9.10.5-S1.\"},{\"lang\":\"es\",\"value\":\"El instalador de BIND en Windows emplea una ruta de servicio sin entrecomillar que puede permitir que un usuario local logre escalar privilegios si los permisos del sistema host de archivos lo permiten. Afecta a BIND desde la versi\u00f3n 9.2.6-P2 hasta la 9.2.9, desde la 9.3.2-P1 hasta la 9.3.6, desde la 9.4.0 hasta la 9.8.8, desde la 9.9.0 hasta la 9.9.10, desde la 9.10.0 hasta la 9.10.5, desde la 9.11.0 hasta la 9.11.1, desde la 9.9.3-S1 hasta la 9.9.10-S1 y en la versi\u00f3n 9.10.5-S1.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"security-officer@isc.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.6,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-428\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.2.6\",\"versionEndIncluding\":\"9.2.9\",\"matchCriteriaId\":\"880FF52C-CE36-4DE2-8FF7-8FEFCA53854C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.3.2\",\"versionEndIncluding\":\"9.3.6\",\"matchCriteriaId\":\"6756023D-C9EF-460D-A498-F9A3238B3570\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.4.0\",\"versionEndIncluding\":\"9.8.8\",\"matchCriteriaId\":\"343E9DD3-BBEA-4385-9A8E-0675BE74EC43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.9.0\",\"versionEndIncluding\":\"9.9.10\",\"matchCriteriaId\":\"4D75A16E-2EB4-4A10-9B63-AC04755AC1E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.10.0\",\"versionEndIncluding\":\"9.10.5\",\"matchCriteriaId\":\"E8039263-E38B-40B2-B3AA-3673C0DD8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.11.0\",\"versionEndIncluding\":\"9.11.1\",\"matchCriteriaId\":\"A8E6E2D9-E137-498C-B175-1CA268B6E551\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.2.6:p2:*:*:*:*:*:*\",\"matchCriteriaId\":\"16C74641-25F0-42CD-9523-5E026CCB716E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.3.2:p1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DC920B0-8C10-4C41-9AAD-C42AA4DF8368\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/99089\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038693\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://kb.isc.org/docs/aa-01496\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201708-01\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20180926-0001/\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/42121/\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/99089\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038693\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://kb.isc.org/docs/aa-01496\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201708-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20180926-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/42121/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]}]}}"
}
}
CNVD-2017-09365
Vulnerability from cnvd - Published: 2017-06-13
VLAI Severity ?
Title
ISC BIND 9权限提升漏洞
Description
ISC BIND是美国Internet Systems Consortium(ISC)公司所维护的一套实现了DNS协议的开源软件。
ISC BIND 9存在权限提升漏洞。攻击者可借助本地恶意的应用程序利用该漏洞在权限进程的上下文中执行任意代码。
Severity
高
Formal description
目前没有详细的解决方案提供: http://hyp3rlinx.altervista.org/advisories/BIND9-PRIVILEGE-ESCALATION.txt
Reference
https://cxsecurity.com/issue/WLB-2017060048
Impacted products
| Name | ISC BIND 9.10.5 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2017-3141",
"cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3141"
}
},
"description": "ISC BIND\u662f\u7f8e\u56fdInternet Systems Consortium\uff08ISC\uff09\u516c\u53f8\u6240\u7ef4\u62a4\u7684\u4e00\u5957\u5b9e\u73b0\u4e86DNS\u534f\u8bae\u7684\u5f00\u6e90\u8f6f\u4ef6\u3002\r\n\r\nISC BIND 9\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u672c\u5730\u6076\u610f\u7684\u5e94\u7528\u7a0b\u5e8f\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u6743\u9650\u8fdb\u7a0b\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
"discovererName": "John Page aka hyp3rlinx",
"formalWay": "\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u89e3\u51b3\u65b9\u6848\u63d0\u4f9b\uff1a\r\nhttp://hyp3rlinx.altervista.org/advisories/BIND9-PRIVILEGE-ESCALATION.txt",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-09365",
"openTime": "2017-06-13",
"products": {
"product": "ISC BIND 9.10.5"
},
"referenceLink": "https://cxsecurity.com/issue/WLB-2017060048",
"serverity": "\u9ad8",
"submitTime": "2017-06-07",
"title": "ISC BIND 9\u6743\u9650\u63d0\u5347\u6f0f\u6d1e"
}
CERTFR-2017-AVI-184
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans ISC BIND. Elles permettent à un attaquant de provoquer un déni de service à distance et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "BIND 9 versions 9.11.x ant\u00e9rieures \u00e0 9.11.1-P1",
"product": {
"name": "BIND",
"vendor": {
"name": "ISC",
"scada": false
}
}
},
{
"description": "BIND 9 versions 9.10.x ant\u00e9rieures \u00e0 9.10.5-P1",
"product": {
"name": "BIND",
"vendor": {
"name": "ISC",
"scada": false
}
}
},
{
"description": "BIND 9 versions 9.9.x ant\u00e9rieures \u00e0 9.9.10-P1",
"product": {
"name": "BIND",
"vendor": {
"name": "ISC",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-3140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3140"
},
{
"name": "CVE-2017-3141",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3141"
}
],
"links": [
{
"title": "Note Op\u00e9rationelle sur BIND 9.11.1",
"url": "https://kb.isc.org/article/AA-01497"
}
],
"reference": "CERTFR-2017-AVI-184",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-06-16T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eISC BIND\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un d\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans ISC BIND",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ISC AA-01496 du 14 juin 2017",
"url": "https://kb.isc.org/article/AA-01496/74/CVE-2017-3141%3A-Windows-service-and-uninstall-paths-are-not-quoted-when-BIND-is-installed.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ISC AA-01495 du 14 juin 2017",
"url": "https://kb.isc.org/article/AA-01495/74/CVE-2017-3140%3A-An-error-processing-RPZ-rules-can-cause-named-to-loop-endlessly-after-handling-a-query.html"
}
]
}
CERTFR-2017-AVI-184
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans ISC BIND. Elles permettent à un attaquant de provoquer un déni de service à distance et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "BIND 9 versions 9.11.x ant\u00e9rieures \u00e0 9.11.1-P1",
"product": {
"name": "BIND",
"vendor": {
"name": "ISC",
"scada": false
}
}
},
{
"description": "BIND 9 versions 9.10.x ant\u00e9rieures \u00e0 9.10.5-P1",
"product": {
"name": "BIND",
"vendor": {
"name": "ISC",
"scada": false
}
}
},
{
"description": "BIND 9 versions 9.9.x ant\u00e9rieures \u00e0 9.9.10-P1",
"product": {
"name": "BIND",
"vendor": {
"name": "ISC",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-3140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3140"
},
{
"name": "CVE-2017-3141",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3141"
}
],
"links": [
{
"title": "Note Op\u00e9rationelle sur BIND 9.11.1",
"url": "https://kb.isc.org/article/AA-01497"
}
],
"reference": "CERTFR-2017-AVI-184",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-06-16T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eISC BIND\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un d\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans ISC BIND",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ISC AA-01496 du 14 juin 2017",
"url": "https://kb.isc.org/article/AA-01496/74/CVE-2017-3141%3A-Windows-service-and-uninstall-paths-are-not-quoted-when-BIND-is-installed.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ISC AA-01495 du 14 juin 2017",
"url": "https://kb.isc.org/article/AA-01495/74/CVE-2017-3140%3A-An-error-processing-RPZ-rules-can-cause-named-to-loop-endlessly-after-handling-a-query.html"
}
]
}
GHSA-6J28-2P63-CR4R
Vulnerability from github – Published: 2022-05-13 01:36 – Updated: 2022-05-13 01:36
VLAI?
Details
The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2->9.2.9, 9.3.2-P1->9.3.6, 9.4.0->9.8.8, 9.9.0->9.9.10, 9.10.0->9.10.5, 9.11.0->9.11.1, 9.9.3-S1->9.9.10-S1, 9.10.5-S1.
Severity ?
7.8 (High)
{
"affected": [],
"aliases": [
"CVE-2017-3141"
],
"database_specific": {
"cwe_ids": [
"CWE-428"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-01-16T20:29:00Z",
"severity": "HIGH"
},
"details": "The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2-\u003e9.2.9, 9.3.2-P1-\u003e9.3.6, 9.4.0-\u003e9.8.8, 9.9.0-\u003e9.9.10, 9.10.0-\u003e9.10.5, 9.11.0-\u003e9.11.1, 9.9.3-S1-\u003e9.9.10-S1, 9.10.5-S1.",
"id": "GHSA-6j28-2p63-cr4r",
"modified": "2022-05-13T01:36:46Z",
"published": "2022-05-13T01:36:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3141"
},
{
"type": "WEB",
"url": "https://kb.isc.org/docs/aa-01496"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20180926-0001"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/42121"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/99089"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1038693"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2017-3141
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2->9.2.9, 9.3.2-P1->9.3.6, 9.4.0->9.8.8, 9.9.0->9.9.10, 9.10.0->9.10.5, 9.11.0->9.11.1, 9.9.3-S1->9.9.10-S1, 9.10.5-S1.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-3141",
"description": "The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2-\u003e9.2.9, 9.3.2-P1-\u003e9.3.6, 9.4.0-\u003e9.8.8, 9.9.0-\u003e9.9.10, 9.10.0-\u003e9.10.5, 9.11.0-\u003e9.11.1, 9.9.3-S1-\u003e9.9.10-S1, 9.10.5-S1.",
"id": "GSD-2017-3141",
"references": [
"https://www.suse.com/security/cve/CVE-2017-3141.html",
"https://packetstormsecurity.com/files/cve/CVE-2017-3141"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-3141"
],
"details": "The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2-\u003e9.2.9, 9.3.2-P1-\u003e9.3.6, 9.4.0-\u003e9.8.8, 9.9.0-\u003e9.9.10, 9.10.0-\u003e9.10.5, 9.11.0-\u003e9.11.1, 9.9.3-S1-\u003e9.9.10-S1, 9.10.5-S1.",
"id": "GSD-2017-3141",
"modified": "2023-12-13T01:21:16.920182Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2017-06-14T00:00:00.000Z",
"ID": "CVE-2017-3141",
"STATE": "PUBLIC",
"TITLE": "Windows service and uninstall paths are not quoted when BIND is installed"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_value": "9.2.6-P2-\u003e9.2.9, 9.3.2-P1-\u003e9.3.6, 9.4.0-\u003e9.8.8, 9.9.0-\u003e9.9.10, 9.10.0-\u003e9.10.5, 9.11.0-\u003e9.11.1, 9.9.3-S1-\u003e9.9.10-S1, 9.10.5-S1"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank John Page aka hyp3rlinx for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2-\u003e9.2.9, 9.3.2-P1-\u003e9.3.6, 9.4.0-\u003e9.8.8, 9.9.0-\u003e9.9.10, 9.10.0-\u003e9.10.5, 9.11.0-\u003e9.11.1, 9.9.3-S1-\u003e9.9.10-S1, 9.10.5-S1."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "No known active exploits but this generic weakness is already a well-known attack vector if user file access permissions do not adequately prevent the installation of malicious executables. "
}
],
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "This vulnerability exists in the installer delivered with BIND for Windows and not within BIND itself. Non-Windows builds and installations are unaffected. A manual installation of BIND where the service path is quoted when added would not be at risk."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201708-01",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "https://kb.isc.org/docs/aa-01496",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01496"
},
{
"name": "1038693",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038693"
},
{
"name": "42121",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42121/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180926-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180926-0001/"
},
{
"name": "99089",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99089"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.10-P1\n BIND 9 version 9.10.5-P1\n BIND 9 version 9.11.1-P1\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.10-S2\n BIND 9 version 9.10.5-S2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "eng",
"value": "BIND installations on Windows are not at risk if the host file permissions prevent creation of a binary in a location where the service executor would run it instead of named.exe."
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.8.8",
"versionStartIncluding": "9.4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.3.2:p1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.3.6",
"versionStartIncluding": "9.3.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:9.2.6:p2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.10.5",
"versionStartIncluding": "9.10.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.11.1",
"versionStartIncluding": "9.11.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.9.10",
"versionStartIncluding": "9.9.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.2.9",
"versionStartIncluding": "9.2.6",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"ID": "CVE-2017-3141"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2-\u003e9.2.9, 9.3.2-P1-\u003e9.3.6, 9.4.0-\u003e9.8.8, 9.9.0-\u003e9.9.10, 9.10.0-\u003e9.10.5, 9.11.0-\u003e9.11.1, 9.9.3-S1-\u003e9.9.10-S1, 9.10.5-S1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-428"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.isc.org/docs/aa-01496",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01496"
},
{
"name": "42121",
"refsource": "EXPLOIT-DB",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42121/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180926-0001/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0001/"
},
{
"name": "GLSA-201708-01",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"name": "1038693",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038693"
},
{
"name": "99089",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99089"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2019-10-09T23:27Z",
"publishedDate": "2019-01-16T20:29Z"
}
}
}
OPENSUSE-SU-2024:10650-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
bind-9.16.20-1.4 on GA media
Notes
Title of the patch
bind-9.16.20-1.4 on GA media
Description of the patch
These are all security issues fixed in the bind-9.16.20-1.4 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10650
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "bind-9.16.20-1.4 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the bind-9.16.20-1.4 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10650",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10650-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2006-4339 page",
"url": "https://www.suse.com/security/cve/CVE-2006-4339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2007-2925 page",
"url": "https://www.suse.com/security/cve/CVE-2007-2925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2007-2926 page",
"url": "https://www.suse.com/security/cve/CVE-2007-2926/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8461 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8461/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2775 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9131 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9778 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9778/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3135 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3141 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3141/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3142 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3145 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5737 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5737/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5743 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5745 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5745/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6465 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6465/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6471 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6471/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6476 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6477 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8616 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8616/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8617 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8618 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8619 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8619/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8620 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8620/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8621 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8622 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8623 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8623/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8624 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8624/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-8625 page",
"url": "https://www.suse.com/security/cve/CVE-2020-8625/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-25214 page",
"url": "https://www.suse.com/security/cve/CVE-2021-25214/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-25215 page",
"url": "https://www.suse.com/security/cve/CVE-2021-25215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-25216 page",
"url": "https://www.suse.com/security/cve/CVE-2021-25216/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-25218 page",
"url": "https://www.suse.com/security/cve/CVE-2021-25218/"
}
],
"title": "bind-9.16.20-1.4 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10650-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "bind-9.16.20-1.4.aarch64",
"product": {
"name": "bind-9.16.20-1.4.aarch64",
"product_id": "bind-9.16.20-1.4.aarch64"
}
},
{
"category": "product_version",
"name": "bind-doc-9.16.20-1.4.aarch64",
"product": {
"name": "bind-doc-9.16.20-1.4.aarch64",
"product_id": "bind-doc-9.16.20-1.4.aarch64"
}
},
{
"category": "product_version",
"name": "bind-utils-9.16.20-1.4.aarch64",
"product": {
"name": "bind-utils-9.16.20-1.4.aarch64",
"product_id": "bind-utils-9.16.20-1.4.aarch64"
}
},
{
"category": "product_version",
"name": "python3-bind-9.16.20-1.4.aarch64",
"product": {
"name": "python3-bind-9.16.20-1.4.aarch64",
"product_id": "python3-bind-9.16.20-1.4.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-9.16.20-1.4.ppc64le",
"product": {
"name": "bind-9.16.20-1.4.ppc64le",
"product_id": "bind-9.16.20-1.4.ppc64le"
}
},
{
"category": "product_version",
"name": "bind-doc-9.16.20-1.4.ppc64le",
"product": {
"name": "bind-doc-9.16.20-1.4.ppc64le",
"product_id": "bind-doc-9.16.20-1.4.ppc64le"
}
},
{
"category": "product_version",
"name": "bind-utils-9.16.20-1.4.ppc64le",
"product": {
"name": "bind-utils-9.16.20-1.4.ppc64le",
"product_id": "bind-utils-9.16.20-1.4.ppc64le"
}
},
{
"category": "product_version",
"name": "python3-bind-9.16.20-1.4.ppc64le",
"product": {
"name": "python3-bind-9.16.20-1.4.ppc64le",
"product_id": "python3-bind-9.16.20-1.4.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-9.16.20-1.4.s390x",
"product": {
"name": "bind-9.16.20-1.4.s390x",
"product_id": "bind-9.16.20-1.4.s390x"
}
},
{
"category": "product_version",
"name": "bind-doc-9.16.20-1.4.s390x",
"product": {
"name": "bind-doc-9.16.20-1.4.s390x",
"product_id": "bind-doc-9.16.20-1.4.s390x"
}
},
{
"category": "product_version",
"name": "bind-utils-9.16.20-1.4.s390x",
"product": {
"name": "bind-utils-9.16.20-1.4.s390x",
"product_id": "bind-utils-9.16.20-1.4.s390x"
}
},
{
"category": "product_version",
"name": "python3-bind-9.16.20-1.4.s390x",
"product": {
"name": "python3-bind-9.16.20-1.4.s390x",
"product_id": "python3-bind-9.16.20-1.4.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-9.16.20-1.4.x86_64",
"product": {
"name": "bind-9.16.20-1.4.x86_64",
"product_id": "bind-9.16.20-1.4.x86_64"
}
},
{
"category": "product_version",
"name": "bind-doc-9.16.20-1.4.x86_64",
"product": {
"name": "bind-doc-9.16.20-1.4.x86_64",
"product_id": "bind-doc-9.16.20-1.4.x86_64"
}
},
{
"category": "product_version",
"name": "bind-utils-9.16.20-1.4.x86_64",
"product": {
"name": "bind-utils-9.16.20-1.4.x86_64",
"product_id": "bind-utils-9.16.20-1.4.x86_64"
}
},
{
"category": "product_version",
"name": "python3-bind-9.16.20-1.4.x86_64",
"product": {
"name": "python3-bind-9.16.20-1.4.x86_64",
"product_id": "python3-bind-9.16.20-1.4.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.20-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64"
},
"product_reference": "bind-9.16.20-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.20-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le"
},
"product_reference": "bind-9.16.20-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.20-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bind-9.16.20-1.4.s390x"
},
"product_reference": "bind-9.16.20-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.16.20-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64"
},
"product_reference": "bind-9.16.20-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-doc-9.16.20-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64"
},
"product_reference": "bind-doc-9.16.20-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-doc-9.16.20-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le"
},
"product_reference": "bind-doc-9.16.20-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-doc-9.16.20-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x"
},
"product_reference": "bind-doc-9.16.20-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-doc-9.16.20-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64"
},
"product_reference": "bind-doc-9.16.20-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.20-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64"
},
"product_reference": "bind-utils-9.16.20-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.20-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le"
},
"product_reference": "bind-utils-9.16.20-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.20-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x"
},
"product_reference": "bind-utils-9.16.20-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.16.20-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64"
},
"product_reference": "bind-utils-9.16.20-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-bind-9.16.20-1.4.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64"
},
"product_reference": "python3-bind-9.16.20-1.4.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-bind-9.16.20-1.4.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le"
},
"product_reference": "python3-bind-9.16.20-1.4.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-bind-9.16.20-1.4.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x"
},
"product_reference": "python3-bind-9.16.20-1.4.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-bind-9.16.20-1.4.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
},
"product_reference": "python3-bind-9.16.20-1.4.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2006-4339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2006-4339"
}
],
"notes": [
{
"category": "general",
"text": "OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2006-4339",
"url": "https://www.suse.com/security/cve/CVE-2006-4339"
},
{
"category": "external",
"summary": "SUSE Bug 202366 for CVE-2006-4339",
"url": "https://bugzilla.suse.com/202366"
},
{
"category": "external",
"summary": "SUSE Bug 203595 for CVE-2006-4339",
"url": "https://bugzilla.suse.com/203595"
},
{
"category": "external",
"summary": "SUSE Bug 206636 for CVE-2006-4339",
"url": "https://bugzilla.suse.com/206636"
},
{
"category": "external",
"summary": "SUSE Bug 207635 for CVE-2006-4339",
"url": "https://bugzilla.suse.com/207635"
},
{
"category": "external",
"summary": "SUSE Bug 215623 for CVE-2006-4339",
"url": "https://bugzilla.suse.com/215623"
},
{
"category": "external",
"summary": "SUSE Bug 218303 for CVE-2006-4339",
"url": "https://bugzilla.suse.com/218303"
},
{
"category": "external",
"summary": "SUSE Bug 233584 for CVE-2006-4339",
"url": "https://bugzilla.suse.com/233584"
},
{
"category": "external",
"summary": "SUSE Bug 564512 for CVE-2006-4339",
"url": "https://bugzilla.suse.com/564512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2006-4339"
},
{
"cve": "CVE-2007-2925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2007-2925"
}
],
"notes": [
{
"category": "general",
"text": "The default access control lists (ACL) in ISC BIND 9.4.0, 9.4.1, and 9.5.0a1 through 9.5.0a5 do not set the allow-recursion and allow-query-cache ACLs, which allows remote attackers to make recursive queries and query the cache.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2007-2925",
"url": "https://www.suse.com/security/cve/CVE-2007-2925"
},
{
"category": "external",
"summary": "SUSE Bug 294403 for CVE-2007-2925",
"url": "https://bugzilla.suse.com/294403"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2007-2925"
},
{
"cve": "CVE-2007-2926",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2007-2926"
}
],
"notes": [
{
"category": "general",
"text": "ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query id and perform DNS cache poisoning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2007-2926",
"url": "https://www.suse.com/security/cve/CVE-2007-2926"
},
{
"category": "external",
"summary": "SUSE Bug 294403 for CVE-2007-2926",
"url": "https://bugzilla.suse.com/294403"
},
{
"category": "external",
"summary": "SUSE Bug 295040 for CVE-2007-2926",
"url": "https://bugzilla.suse.com/295040"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2007-2926"
},
{
"cve": "CVE-2015-8461",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8461"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in resolver.c in named in ISC BIND 9.9.8 before 9.9.8-P2 and 9.10.3 before 9.10.3-P2 allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8461",
"url": "https://www.suse.com/security/cve/CVE-2015-8461"
},
{
"category": "external",
"summary": "SUSE Bug 958861 for CVE-2015-8461",
"url": "https://bugzilla.suse.com/958861"
},
{
"category": "external",
"summary": "SUSE Bug 958862 for CVE-2015-8461",
"url": "https://bugzilla.suse.com/958862"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2015-8461"
},
{
"cve": "CVE-2016-2775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2775"
}
],
"notes": [
{
"category": "general",
"text": "ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2775",
"url": "https://www.suse.com/security/cve/CVE-2016-2775"
},
{
"category": "external",
"summary": "SUSE Bug 989528 for CVE-2016-2775",
"url": "https://bugzilla.suse.com/989528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2016-2775"
},
{
"cve": "CVE-2016-9131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9131"
}
],
"notes": [
{
"category": "general",
"text": "named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9131",
"url": "https://www.suse.com/security/cve/CVE-2016-9131"
},
{
"category": "external",
"summary": "SUSE Bug 1018699 for CVE-2016-9131",
"url": "https://bugzilla.suse.com/1018699"
},
{
"category": "external",
"summary": "SUSE Bug 1018700 for CVE-2016-9131",
"url": "https://bugzilla.suse.com/1018700"
},
{
"category": "external",
"summary": "SUSE Bug 1018701 for CVE-2016-9131",
"url": "https://bugzilla.suse.com/1018701"
},
{
"category": "external",
"summary": "SUSE Bug 1018702 for CVE-2016-9131",
"url": "https://bugzilla.suse.com/1018702"
},
{
"category": "external",
"summary": "SUSE Bug 1033466 for CVE-2016-9131",
"url": "https://bugzilla.suse.com/1033466"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-9131"
},
{
"cve": "CVE-2016-9778",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9778"
}
],
"notes": [
{
"category": "general",
"text": "An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met the criteria for the vulnerability and if the attacker could cause it to accept a query that possessed the required attributes. Please note: This vulnerability affects the \"nxdomain-redirect\" feature, which is one of two methods of handling NXDOMAIN redirection, and is only available in certain versions of BIND. Redirection using zones of type \"redirect\" is not affected by this vulnerability. Affects BIND 9.9.8-S1 -\u003e 9.9.8-S3, 9.9.9-S1 -\u003e 9.9.9-S6, 9.11.0-9.11.0-P1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9778",
"url": "https://www.suse.com/security/cve/CVE-2016-9778"
},
{
"category": "external",
"summary": "SUSE Bug 1018699 for CVE-2016-9778",
"url": "https://bugzilla.suse.com/1018699"
},
{
"category": "external",
"summary": "SUSE Bug 1018703 for CVE-2016-9778",
"url": "https://bugzilla.suse.com/1018703"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-9778"
},
{
"cve": "CVE-2017-3135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3135"
}
],
"notes": [
{
"category": "general",
"text": "Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -\u003e 9.9.9-S7, 9.9.3 -\u003e 9.9.9-P5, 9.9.10b1, 9.10.0 -\u003e 9.10.4-P5, 9.10.5b1, 9.11.0 -\u003e 9.11.0-P2, 9.11.1b1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3135",
"url": "https://www.suse.com/security/cve/CVE-2017-3135"
},
{
"category": "external",
"summary": "SUSE Bug 1018700 for CVE-2017-3135",
"url": "https://bugzilla.suse.com/1018700"
},
{
"category": "external",
"summary": "SUSE Bug 1018701 for CVE-2017-3135",
"url": "https://bugzilla.suse.com/1018701"
},
{
"category": "external",
"summary": "SUSE Bug 1018702 for CVE-2017-3135",
"url": "https://bugzilla.suse.com/1018702"
},
{
"category": "external",
"summary": "SUSE Bug 1024130 for CVE-2017-3135",
"url": "https://bugzilla.suse.com/1024130"
},
{
"category": "external",
"summary": "SUSE Bug 1033466 for CVE-2017-3135",
"url": "https://bugzilla.suse.com/1033466"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2017-3135"
},
{
"cve": "CVE-2017-3141",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3141"
}
],
"notes": [
{
"category": "general",
"text": "The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2-\u003e9.2.9, 9.3.2-P1-\u003e9.3.6, 9.4.0-\u003e9.8.8, 9.9.0-\u003e9.9.10, 9.10.0-\u003e9.10.5, 9.11.0-\u003e9.11.1, 9.9.3-S1-\u003e9.9.10-S1, 9.10.5-S1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3141",
"url": "https://www.suse.com/security/cve/CVE-2017-3141"
},
{
"category": "external",
"summary": "SUSE Bug 1044225 for CVE-2017-3141",
"url": "https://bugzilla.suse.com/1044225"
},
{
"category": "external",
"summary": "SUSE Bug 1044226 for CVE-2017-3141",
"url": "https://bugzilla.suse.com/1044226"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2017-3141"
},
{
"cve": "CVE-2017-3142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3142"
}
],
"notes": [
{
"category": "general",
"text": "An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection with no other ACL protection could be manipulated into: providing an AXFR of a zone to an unauthorized recipient or accepting bogus NOTIFY packets. Affects BIND 9.4.0-\u003e9.8.8, 9.9.0-\u003e9.9.10-P1, 9.10.0-\u003e9.10.5-P1, 9.11.0-\u003e9.11.1-P1, 9.9.3-S1-\u003e9.9.10-S2, 9.10.5-S1-\u003e9.10.5-S2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3142",
"url": "https://www.suse.com/security/cve/CVE-2017-3142"
},
{
"category": "external",
"summary": "SUSE Bug 1024130 for CVE-2017-3142",
"url": "https://bugzilla.suse.com/1024130"
},
{
"category": "external",
"summary": "SUSE Bug 1046554 for CVE-2017-3142",
"url": "https://bugzilla.suse.com/1046554"
},
{
"category": "external",
"summary": "SUSE Bug 1046555 for CVE-2017-3142",
"url": "https://bugzilla.suse.com/1046555"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2017-3142"
},
{
"cve": "CVE-2017-3145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3145"
}
],
"notes": [
{
"category": "general",
"text": "BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3145",
"url": "https://www.suse.com/security/cve/CVE-2017-3145"
},
{
"category": "external",
"summary": "SUSE Bug 1076118 for CVE-2017-3145",
"url": "https://bugzilla.suse.com/1076118"
},
{
"category": "external",
"summary": "SUSE Bug 1101131 for CVE-2017-3145",
"url": "https://bugzilla.suse.com/1101131"
},
{
"category": "external",
"summary": "SUSE Bug 1177790 for CVE-2017-3145",
"url": "https://bugzilla.suse.com/1177790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2017-3145"
},
{
"cve": "CVE-2018-5737",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5737"
}
],
"notes": [
{
"category": "general",
"text": "A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. Additionally, problematic interaction between the serve-stale feature and NSEC aggressive negative caching can in some cases cause undesirable behavior from named, such as a recursion loop or excessive logging. Deliberate exploitation of this condition could cause operational problems depending on the particular manifestation -- either degradation or denial of service. Affects BIND 9.12.0 and 9.12.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5737",
"url": "https://www.suse.com/security/cve/CVE-2018-5737"
},
{
"category": "external",
"summary": "SUSE Bug 1093448 for CVE-2018-5737",
"url": "https://bugzilla.suse.com/1093448"
},
{
"category": "external",
"summary": "SUSE Bug 1093449 for CVE-2018-5737",
"url": "https://bugzilla.suse.com/1093449"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2018-5737"
},
{
"cve": "CVE-2018-5743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5743"
}
],
"notes": [
{
"category": "general",
"text": "By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -\u003e 9.10.8-P1, 9.11.0 -\u003e 9.11.6, 9.12.0 -\u003e 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -\u003e 9.11.5-S3, and 9.11.5-S5. Versions 9.13.0 -\u003e 9.13.7 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5743.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5743",
"url": "https://www.suse.com/security/cve/CVE-2018-5743"
},
{
"category": "external",
"summary": "SUSE Bug 1133185 for CVE-2018-5743",
"url": "https://bugzilla.suse.com/1133185"
},
{
"category": "external",
"summary": "SUSE Bug 1148887 for CVE-2018-5743",
"url": "https://bugzilla.suse.com/1148887"
},
{
"category": "external",
"summary": "SUSE Bug 1157051 for CVE-2018-5743",
"url": "https://bugzilla.suse.com/1157051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2018-5743"
},
{
"cve": "CVE-2018-5745",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5745"
}
],
"notes": [
{
"category": "general",
"text": "\"managed-keys\" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertion failure if, during key rollover, a trust anchor\u0027s keys are replaced with keys which use an unsupported algorithm. Versions affected: BIND 9.9.0 -\u003e 9.10.8-P1, 9.11.0 -\u003e 9.11.5-P1, 9.12.0 -\u003e 9.12.3-P1, and versions 9.9.3-S1 -\u003e 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -\u003e 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5745.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5745",
"url": "https://www.suse.com/security/cve/CVE-2018-5745"
},
{
"category": "external",
"summary": "SUSE Bug 1126068 for CVE-2018-5745",
"url": "https://bugzilla.suse.com/1126068"
},
{
"category": "external",
"summary": "SUSE Bug 1141730 for CVE-2018-5745",
"url": "https://bugzilla.suse.com/1141730"
},
{
"category": "external",
"summary": "SUSE Bug 1148887 for CVE-2018-5745",
"url": "https://bugzilla.suse.com/1148887"
},
{
"category": "external",
"summary": "SUSE Bug 1177790 for CVE-2018-5745",
"url": "https://bugzilla.suse.com/1177790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-5745"
},
{
"cve": "CVE-2019-6465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6465"
}
],
"notes": [
{
"category": "general",
"text": "Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -\u003e 9.10.8-P1, 9.11.0 -\u003e 9.11.5-P2, 9.12.0 -\u003e 9.12.3-P2, and versions 9.9.3-S1 -\u003e 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -\u003e 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6465",
"url": "https://www.suse.com/security/cve/CVE-2019-6465"
},
{
"category": "external",
"summary": "SUSE Bug 1126069 for CVE-2019-6465",
"url": "https://bugzilla.suse.com/1126069"
},
{
"category": "external",
"summary": "SUSE Bug 1141730 for CVE-2019-6465",
"url": "https://bugzilla.suse.com/1141730"
},
{
"category": "external",
"summary": "SUSE Bug 1148887 for CVE-2019-6465",
"url": "https://bugzilla.suse.com/1148887"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-6465"
},
{
"cve": "CVE-2019-6471",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6471"
}
],
"notes": [
{
"category": "general",
"text": "A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -\u003e 9.11.7, 9.12.0 -\u003e 9.12.4-P1, 9.14.0 -\u003e 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -\u003e 9.11.7-S1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6471",
"url": "https://www.suse.com/security/cve/CVE-2019-6471"
},
{
"category": "external",
"summary": "SUSE Bug 1138687 for CVE-2019-6471",
"url": "https://bugzilla.suse.com/1138687"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-6471"
},
{
"cve": "CVE-2019-6476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6476"
}
],
"notes": [
{
"category": "general",
"text": "A defect in code added to support QNAME minimization can cause named to exit with an assertion failure if a forwarder returns a referral rather than resolving the query. This affects BIND versions 9.14.0 up to 9.14.6, and 9.15.0 up to 9.15.4.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6476",
"url": "https://www.suse.com/security/cve/CVE-2019-6476"
},
{
"category": "external",
"summary": "SUSE Bug 1153993 for CVE-2019-6476",
"url": "https://bugzilla.suse.com/1153993"
},
{
"category": "external",
"summary": "SUSE Bug 1153994 for CVE-2019-6476",
"url": "https://bugzilla.suse.com/1153994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-6476"
},
{
"cve": "CVE-2019-6477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6477"
}
],
"notes": [
{
"category": "general",
"text": "With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to handle. When a TCP connection with a large number of pipelined queries is closed, the load on the server releasing these multiple resources can cause it to become unresponsive, even for queries that can be answered authoritatively or from cache. (This is most likely to be perceived as an intermittent server problem).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6477",
"url": "https://www.suse.com/security/cve/CVE-2019-6477"
},
{
"category": "external",
"summary": "SUSE Bug 1157051 for CVE-2019-6477",
"url": "https://bugzilla.suse.com/1157051"
},
{
"category": "external",
"summary": "SUSE Bug 1197136 for CVE-2019-6477",
"url": "https://bugzilla.suse.com/1197136"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2019-6477"
},
{
"cve": "CVE-2020-8616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8616"
}
],
"notes": [
{
"category": "general",
"text": "A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and The attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8616",
"url": "https://www.suse.com/security/cve/CVE-2020-8616"
},
{
"category": "external",
"summary": "SUSE Bug 1109160 for CVE-2020-8616",
"url": "https://bugzilla.suse.com/1109160"
},
{
"category": "external",
"summary": "SUSE Bug 1171740 for CVE-2020-8616",
"url": "https://bugzilla.suse.com/1171740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-8616"
},
{
"cve": "CVE-2020-8617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8617"
}
],
"notes": [
{
"category": "general",
"text": "Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8617",
"url": "https://www.suse.com/security/cve/CVE-2020-8617"
},
{
"category": "external",
"summary": "SUSE Bug 1109160 for CVE-2020-8617",
"url": "https://bugzilla.suse.com/1109160"
},
{
"category": "external",
"summary": "SUSE Bug 1171740 for CVE-2020-8617",
"url": "https://bugzilla.suse.com/1171740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-8617"
},
{
"cve": "CVE-2020-8618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8618"
}
],
"notes": [
{
"category": "general",
"text": "An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8618",
"url": "https://www.suse.com/security/cve/CVE-2020-8618"
},
{
"category": "external",
"summary": "SUSE Bug 1172958 for CVE-2020-8618",
"url": "https://bugzilla.suse.com/1172958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-8618"
},
{
"cve": "CVE-2020-8619",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8619"
}
],
"notes": [
{
"category": "general",
"text": "In ISC BIND9 versions BIND 9.11.14 -\u003e 9.11.19, BIND 9.14.9 -\u003e 9.14.12, BIND 9.16.0 -\u003e 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -\u003e 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk (\"*\") character, this defect cannot be encountered. A would-be attacker who is allowed to change zone content could theoretically introduce such a record in order to exploit this condition to cause denial of service, though we consider the use of this vector unlikely because any such attack would require a significant privilege level and be easily traceable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8619",
"url": "https://www.suse.com/security/cve/CVE-2020-8619"
},
{
"category": "external",
"summary": "SUSE Bug 1172958 for CVE-2020-8619",
"url": "https://bugzilla.suse.com/1172958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-8619"
},
{
"cve": "CVE-2020-8620",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8620"
}
],
"notes": [
{
"category": "general",
"text": "In BIND 9.15.6 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8620",
"url": "https://www.suse.com/security/cve/CVE-2020-8620"
},
{
"category": "external",
"summary": "SUSE Bug 1175443 for CVE-2020-8620",
"url": "https://bugzilla.suse.com/1175443"
},
{
"category": "external",
"summary": "SUSE Bug 1191120 for CVE-2020-8620",
"url": "https://bugzilla.suse.com/1191120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-8620"
},
{
"cve": "CVE-2020-8621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8621"
}
],
"notes": [
{
"category": "general",
"text": "In BIND 9.14.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, If a server is configured with both QNAME minimization and \u0027forward first\u0027 then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that \u0027forward only\u0027 are not affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8621",
"url": "https://www.suse.com/security/cve/CVE-2020-8621"
},
{
"category": "external",
"summary": "SUSE Bug 1175443 for CVE-2020-8621",
"url": "https://bugzilla.suse.com/1175443"
},
{
"category": "external",
"summary": "SUSE Bug 1191120 for CVE-2020-8621",
"url": "https://bugzilla.suse.com/1191120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-8621"
},
{
"cve": "CVE-2020-8622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8622"
}
],
"notes": [
{
"category": "general",
"text": "In BIND 9.0.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.9.3-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8622",
"url": "https://www.suse.com/security/cve/CVE-2020-8622"
},
{
"category": "external",
"summary": "SUSE Bug 1175443 for CVE-2020-8622",
"url": "https://bugzilla.suse.com/1175443"
},
{
"category": "external",
"summary": "SUSE Bug 1188888 for CVE-2020-8622",
"url": "https://bugzilla.suse.com/1188888"
},
{
"category": "external",
"summary": "SUSE Bug 1191120 for CVE-2020-8622",
"url": "https://bugzilla.suse.com/1191120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-8622"
},
{
"cve": "CVE-2020-8623",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8623"
}
],
"notes": [
{
"category": "general",
"text": "In BIND 9.10.0 -\u003e 9.11.21, 9.12.0 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.10.5-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with \"--enable-native-pkcs11\" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8623",
"url": "https://www.suse.com/security/cve/CVE-2020-8623"
},
{
"category": "external",
"summary": "SUSE Bug 1175443 for CVE-2020-8623",
"url": "https://bugzilla.suse.com/1175443"
},
{
"category": "external",
"summary": "SUSE Bug 1191120 for CVE-2020-8623",
"url": "https://bugzilla.suse.com/1191120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-8623"
},
{
"cve": "CVE-2020-8624",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8624"
}
],
"notes": [
{
"category": "general",
"text": "In BIND 9.9.12 -\u003e 9.9.13, 9.10.7 -\u003e 9.10.8, 9.11.3 -\u003e 9.11.21, 9.12.1 -\u003e 9.16.5, 9.17.0 -\u003e 9.17.3, also affects 9.9.12-S1 -\u003e 9.9.13-S1, 9.11.3-S1 -\u003e 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone\u0027s content could abuse these unintended additional privileges to update other contents of the zone.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8624",
"url": "https://www.suse.com/security/cve/CVE-2020-8624"
},
{
"category": "external",
"summary": "SUSE Bug 1175443 for CVE-2020-8624",
"url": "https://bugzilla.suse.com/1175443"
},
{
"category": "external",
"summary": "SUSE Bug 1191120 for CVE-2020-8624",
"url": "https://bugzilla.suse.com/1191120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-8624"
},
{
"cve": "CVE-2020-8625",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-8625"
}
],
"notes": [
{
"category": "general",
"text": "BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND\u0027s default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the tkey-gssapi-keytab or tkey-gssapi-credentialconfiguration options. Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers. The most likely outcome of a successful exploitation of the vulnerability is a crash of the named process. However, remote code execution, while unproven, is theoretically possible. Affects: BIND 9.5.0 -\u003e 9.11.27, 9.12.0 -\u003e 9.16.11, and versions BIND 9.11.3-S1 -\u003e 9.11.27-S1 and 9.16.8-S1 -\u003e 9.16.11-S1 of BIND Supported Preview Edition. Also release versions 9.17.0 -\u003e 9.17.1 of the BIND 9.17 development branch",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-8625",
"url": "https://www.suse.com/security/cve/CVE-2020-8625"
},
{
"category": "external",
"summary": "SUSE Bug 1182246 for CVE-2020-8625",
"url": "https://bugzilla.suse.com/1182246"
},
{
"category": "external",
"summary": "SUSE Bug 1182483 for CVE-2020-8625",
"url": "https://bugzilla.suse.com/1182483"
},
{
"category": "external",
"summary": "SUSE Bug 1192708 for CVE-2020-8625",
"url": "https://bugzilla.suse.com/1192708"
},
{
"category": "external",
"summary": "SUSE Bug 1196172 for CVE-2020-8625",
"url": "https://bugzilla.suse.com/1196172"
},
{
"category": "external",
"summary": "SUSE Bug 1218478 for CVE-2020-8625",
"url": "https://bugzilla.suse.com/1218478"
},
{
"category": "external",
"summary": "SUSE Bug 1225626 for CVE-2020-8625",
"url": "https://bugzilla.suse.com/1225626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2020-8625"
},
{
"cve": "CVE-2021-25214",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-25214"
}
],
"notes": [
{
"category": "general",
"text": "In BIND 9.8.5 -\u003e 9.8.8, 9.9.3 -\u003e 9.11.29, 9.12.0 -\u003e 9.16.13, and versions BIND 9.9.3-S1 -\u003e 9.11.29-S1 and 9.16.8-S1 -\u003e 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -\u003e 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a malformed IXFR triggering the flaw described above, the named process will terminate due to a failed assertion the next time the transferred secondary zone is refreshed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-25214",
"url": "https://www.suse.com/security/cve/CVE-2021-25214"
},
{
"category": "external",
"summary": "SUSE Bug 1185345 for CVE-2021-25214",
"url": "https://bugzilla.suse.com/1185345"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-25214"
},
{
"cve": "CVE-2021-25215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-25215"
}
],
"notes": [
{
"category": "general",
"text": "In BIND 9.0.0 -\u003e 9.11.29, 9.12.0 -\u003e 9.16.13, and versions BIND 9.9.3-S1 -\u003e 9.11.29-S1 and 9.16.8-S1 -\u003e 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -\u003e 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-25215",
"url": "https://www.suse.com/security/cve/CVE-2021-25215"
},
{
"category": "external",
"summary": "SUSE Bug 1185345 for CVE-2021-25215",
"url": "https://bugzilla.suse.com/1185345"
},
{
"category": "external",
"summary": "SUSE Bug 1189848 for CVE-2021-25215",
"url": "https://bugzilla.suse.com/1189848"
},
{
"category": "external",
"summary": "SUSE Bug 1196172 for CVE-2021-25215",
"url": "https://bugzilla.suse.com/1196172"
},
{
"category": "external",
"summary": "SUSE Bug 1199298 for CVE-2021-25215",
"url": "https://bugzilla.suse.com/1199298"
},
{
"category": "external",
"summary": "SUSE Bug 1225626 for CVE-2021-25215",
"url": "https://bugzilla.suse.com/1225626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-25215"
},
{
"cve": "CVE-2021-25216",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-25216"
}
],
"notes": [
{
"category": "general",
"text": "In BIND 9.5.0 -\u003e 9.11.29, 9.12.0 -\u003e 9.16.13, and versions BIND 9.11.3-S1 -\u003e 9.11.29-S1 and 9.16.8-S1 -\u003e 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -\u003e 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND\u0027s default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting values for the tkey-gssapi-keytab or tkey-gssapi-credential configuration options. Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers. For servers that meet these conditions, the ISC SPNEGO implementation is vulnerable to various attacks, depending on the CPU architecture for which BIND was built: For named binaries compiled for 64-bit platforms, this flaw can be used to trigger a buffer over-read, leading to a server crash. For named binaries compiled for 32-bit platforms, this flaw can be used to trigger a server crash due to a buffer overflow and possibly also to achieve remote code execution. We have determined that standard SPNEGO implementations are available in the MIT and Heimdal Kerberos libraries, which support a broad range of operating systems, rendering the ISC implementation unnecessary and obsolete. Therefore, to reduce the attack surface for BIND users, we will be removing the ISC SPNEGO implementation in the April releases of BIND 9.11 and 9.16 (it had already been dropped from BIND 9.17). We would not normally remove something from a stable ESV (Extended Support Version) of BIND, but since system libraries can replace the ISC SPNEGO implementation, we have made an exception in this case for reasons of stability and security.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-25216",
"url": "https://www.suse.com/security/cve/CVE-2021-25216"
},
{
"category": "external",
"summary": "SUSE Bug 1185345 for CVE-2021-25216",
"url": "https://bugzilla.suse.com/1185345"
},
{
"category": "external",
"summary": "SUSE Bug 1189848 for CVE-2021-25216",
"url": "https://bugzilla.suse.com/1189848"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-25216"
},
{
"cve": "CVE-2021-25218",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-25218"
}
],
"notes": [
{
"category": "general",
"text": "In BIND 9.16.19, 9.17.16. Also, version 9.16.19-S1 of BIND Supported Preview Edition When a vulnerable version of named receives a query under the circumstances described above, the named process will terminate due to a failed assertion check. The vulnerability affects only BIND 9 releases 9.16.19, 9.17.16, and release 9.16.19-S1 of the BIND Supported Preview Edition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-25218",
"url": "https://www.suse.com/security/cve/CVE-2021-25218"
},
{
"category": "external",
"summary": "SUSE Bug 1189460 for CVE-2021-25218",
"url": "https://bugzilla.suse.com/1189460"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-doc-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:bind-utils-9.16.20-1.4.x86_64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.aarch64",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.ppc64le",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.s390x",
"openSUSE Tumbleweed:python3-bind-9.16.20-1.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-25218"
}
]
}
FKIE_CVE-2017-3141
Vulnerability from fkie_nvd - Published: 2019-01-16 20:29 - Updated: 2024-11-21 03:24
Severity ?
7.2 (High) - CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2->9.2.9, 9.3.2-P1->9.3.6, 9.4.0->9.8.8, 9.9.0->9.9.10, 9.10.0->9.10.5, 9.11.0->9.11.1, 9.9.3-S1->9.9.10-S1, 9.10.5-S1.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "880FF52C-CE36-4DE2-8FF7-8FEFCA53854C",
"versionEndIncluding": "9.2.9",
"versionStartIncluding": "9.2.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6756023D-C9EF-460D-A498-F9A3238B3570",
"versionEndIncluding": "9.3.6",
"versionStartIncluding": "9.3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "343E9DD3-BBEA-4385-9A8E-0675BE74EC43",
"versionEndIncluding": "9.8.8",
"versionStartIncluding": "9.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D75A16E-2EB4-4A10-9B63-AC04755AC1E4",
"versionEndIncluding": "9.9.10",
"versionStartIncluding": "9.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8039263-E38B-40B2-B3AA-3673C0DD8318",
"versionEndIncluding": "9.10.5",
"versionStartIncluding": "9.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E6E2D9-E137-498C-B175-1CA268B6E551",
"versionEndIncluding": "9.11.1",
"versionStartIncluding": "9.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.2.6:p2:*:*:*:*:*:*",
"matchCriteriaId": "16C74641-25F0-42CD-9523-5E026CCB716E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:9.3.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "6DC920B0-8C10-4C41-9AAD-C42AA4DF8368",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2-\u003e9.2.9, 9.3.2-P1-\u003e9.3.6, 9.4.0-\u003e9.8.8, 9.9.0-\u003e9.9.10, 9.10.0-\u003e9.10.5, 9.11.0-\u003e9.11.1, 9.9.3-S1-\u003e9.9.10-S1, 9.10.5-S1."
},
{
"lang": "es",
"value": "El instalador de BIND en Windows emplea una ruta de servicio sin entrecomillar que puede permitir que un usuario local logre escalar privilegios si los permisos del sistema host de archivos lo permiten. Afecta a BIND desde la versi\u00f3n 9.2.6-P2 hasta la 9.2.9, desde la 9.3.2-P1 hasta la 9.3.6, desde la 9.4.0 hasta la 9.8.8, desde la 9.9.0 hasta la 9.9.10, desde la 9.10.0 hasta la 9.10.5, desde la 9.11.0 hasta la 9.11.1, desde la 9.9.3-S1 hasta la 9.9.10-S1 y en la versi\u00f3n 9.10.5-S1."
}
],
"id": "CVE-2017-3141",
"lastModified": "2024-11-21T03:24:55.147",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.6,
"impactScore": 6.0,
"source": "security-officer@isc.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-16T20:29:00.503",
"references": [
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99089"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038693"
},
{
"source": "security-officer@isc.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01496"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0001/"
},
{
"source": "security-officer@isc.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42121/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201708-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/42121/"
}
],
"sourceIdentifier": "security-officer@isc.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-428"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…