CVE-2017-3145
Vulnerability from cvelistv5
Published
2019-01-16 20:00
Modified
2024-09-17 00:10
Summary
Improper fetch cleanup sequencing in the resolver can cause named to crash
Impacted products
ISCBIND 9
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:16:28.228Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2018:0102",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:0102"
          },
          {
            "name": "RHSA-2018:0487",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:0487"
          },
          {
            "name": "DSA-4089",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4089"
          },
          {
            "name": "RHSA-2018:0488",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:0488"
          },
          {
            "name": "RHSA-2018:0101",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:0101"
          },
          {
            "name": "1040195",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1040195"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.isc.org/docs/aa-01542"
          },
          {
            "name": "102716",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102716"
          },
          {
            "name": "[debian-lts-announce] 20180121 [SECURITY] [DLA 1255-1] bind9 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20180117-0003/"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIND 9",
          "vendor": "ISC",
          "versions": [
            {
              "status": "affected",
              "version": "9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "ISC would like to thank Jayachandran Palanisamy of Cygate AB for making us aware of this vulnerability."
        }
      ],
      "datePublic": "2018-01-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "While this bug has existed in BIND since 9.0.0, there are no known code paths leading to it in ISC releases prior to those containing the fix for CVE-2017-3137.  Thus while all instances of BIND ought to be patched, only ISC versions [9.9.9-P8 to 9.9.11, 9.10.4-P8 to 9.10.6, 9.11.0-P5 to 9.11.2, 9.9.9-S10 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, and 9.12.0a1 to 9.12.0rc1] acting as DNSSEC validating resolvers are currently known to crash due to this bug.  The known crash is an assertion failure in netaddr.c.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-16T16:28:34.033Z",
        "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "shortName": "isc"
      },
      "references": [
        {
          "name": "RHSA-2018:0102",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:0102"
        },
        {
          "name": "RHSA-2018:0487",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:0487"
        },
        {
          "name": "DSA-4089",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4089"
        },
        {
          "name": "RHSA-2018:0488",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:0488"
        },
        {
          "name": "RHSA-2018:0101",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:0101"
        },
        {
          "name": "1040195",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1040195"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.isc.org/docs/aa-01542"
        },
        {
          "name": "102716",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102716"
        },
        {
          "name": "[debian-lts-announce] 20180121 [SECURITY] [DLA 1255-1] bind9 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20180117-0003/"
        },
        {
          "tags": [
            "vendor-advisory",
            "x_refsource_CONFIRM"
          ],
          "url": "https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to the patched release most closely related to your current version of BIND.  These can all be downloaded from http://www.isc.org/downloads.\n\n    BIND 9 version 9.9.11-P1\n    BIND 9 version 9.10.6-P1\n    BIND 9 version 9.11.2-P1\n    BIND 9 version 9.12.0rc2\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n    BIND 9 version 9.9.11-S2\n    BIND 9 version 9.10.6-S2"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Improper fetch cleanup sequencing in the resolver can cause named to crash",
      "workarounds": [
        {
          "lang": "en",
          "value": "If an operator is experiencing crashes due to this, temporarily disabling DNSSEC validation can be used to avoid the known problematic code path while replacement builds are prepared."
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-officer@isc.org",
          "DATE_PUBLIC": "2018-01-16T00:00:00.000Z",
          "ID": "CVE-2017-3145",
          "STATE": "PUBLIC",
          "TITLE": "Improper fetch cleanup sequencing in the resolver can cause named to crash"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIND 9",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "ISC"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "ISC would like to thank Jayachandran Palanisamy of Cygate AB for making us aware of this vulnerability."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "While this bug has existed in BIND since 9.0.0, there are no known code paths leading to it in ISC releases prior to those containing the fix for CVE-2017-3137.  Thus while all instances of BIND ought to be patched, only ISC versions [9.9.9-P8 to 9.9.11, 9.10.4-P8 to 9.10.6, 9.11.0-P5 to 9.11.2, 9.9.9-S10 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, and 9.12.0a1 to 9.12.0rc1] acting as DNSSEC validating resolvers are currently known to crash due to this bug.  The known crash is an assertion failure in netaddr.c."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2018:0102",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:0102"
            },
            {
              "name": "RHSA-2018:0487",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:0487"
            },
            {
              "name": "DSA-4089",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4089"
            },
            {
              "name": "RHSA-2018:0488",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:0488"
            },
            {
              "name": "RHSA-2018:0101",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:0101"
            },
            {
              "name": "1040195",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1040195"
            },
            {
              "name": "https://kb.isc.org/docs/aa-01542",
              "refsource": "CONFIRM",
              "url": "https://kb.isc.org/docs/aa-01542"
            },
            {
              "name": "102716",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102716"
            },
            {
              "name": "[debian-lts-announce] 20180121 [SECURITY] [DLA 1255-1] bind9 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20180117-0003/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20180117-0003/"
            },
            {
              "name": "https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named",
              "refsource": "CONFIRM",
              "url": "https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Upgrade to the patched release most closely related to your current version of BIND.  These can all be downloaded from http://www.isc.org/downloads.\n\n    BIND 9 version 9.9.11-P1\n    BIND 9 version 9.10.6-P1\n    BIND 9 version 9.11.2-P1\n    BIND 9 version 9.12.0rc2\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n    BIND 9 version 9.9.11-S2\n    BIND 9 version 9.10.6-S2"
          }
        ],
        "source": {
          "discovery": "UNKNOWN"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "If an operator is experiencing crashes due to this, temporarily disabling DNSSEC validation can be used to avoid the known problematic code path while replacement builds are prepared."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
    "assignerShortName": "isc",
    "cveId": "CVE-2017-3145",
    "datePublished": "2019-01-16T20:00:00Z",
    "dateReserved": "2016-12-02T00:00:00",
    "dateUpdated": "2024-09-17T00:10:46.349Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-3145\",\"sourceIdentifier\":\"security-officer@isc.org\",\"published\":\"2019-01-16T20:29:00.690\",\"lastModified\":\"2023-06-21T18:19:59.960\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1.\"},{\"lang\":\"es\",\"value\":\"BIND secuenciaba incorrectamente las operaciones de limpieza en contextos fetch de recursi\u00f3n ascendente, lo que conduce en algunos casos a un error de uso de memoria previamente liberada que puede desencadenar un fallo de aserci\u00f3n y un cierre inesperado en named. Afecta a BIND desde la versi\u00f3n 9.0.0 hasta la versi\u00f3n 9.8.x, desde la versi\u00f3n 9.9.0 hasta la versi\u00f3n 9.9.11, desde la versi\u00f3n 9.10.0 hasta la versi\u00f3n 9.10.6, desde la versi\u00f3n 9.11.0 hasta la versi\u00f3n 9.11.2, desde la versi\u00f3n 9.9.3-S1 hasta la versi\u00f3n 09.9.11-S1, desde la versi\u00f3n 9.10.5-S1 hasta la versi\u00f3n 9.10.6-S1 y desde la 9.12.0a1 hasta la 9.12.0rc1.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV30\":[{\"source\":\"security-officer@isc.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.4.0\",\"versionEndIncluding\":\"9.8.8\",\"matchCriteriaId\":\"343E9DD3-BBEA-4385-9A8E-0675BE74EC43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.9.0\",\"versionEndIncluding\":\"9.9.11\",\"matchCriteriaId\":\"6EFFE58B-0BAE-43FF-94BD-F03D0FC31BC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.10.0\",\"versionEndIncluding\":\"9.10.6\",\"matchCriteriaId\":\"DD179483-9754-4498-AE38-4CF1EB8F4063\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.11.0\",\"versionEndIncluding\":\"9.11.2\",\"matchCriteriaId\":\"8E5186B7-78C5-486D-97D7-E64B9709ED65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCC182A9-5989-4A87-A3BA-F1CFAEDC95E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.9.11:s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B9BC3D9-B2F6-4995-A757-E1BB68BC7F8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.10.5:s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"82A6F259-EB06-4F31-9F68-A76F257756DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.10.6:s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B6C3FDB-B57C-4DF5-AFDB-EEF17F5DAE08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.12.0:alpha1:*:*:*:*:*:*\",\"matchCriteriaId\":\"646FE55D-D8DF-483E-8DBE-65FB8A3FC18B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.12.0:b1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1653E806-4F31-4ACA-B51F-5F0067D99208\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.12.0:b2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E5AB236-CBDE-48F3-B6E1-5C6B08996ED7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:9.12.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F57F84D2-76D0-42B9-BA61-96204F527B7A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C068A4-3780-4EAB-A937-6082DF847564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBCD86A-E6C7-4444-9D74-F861084090F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF83BB87-B203-48F9-9D06-48A5FE399050\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16E6D998-B41D-4B49-9E00-8336D2E40A4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C8D871B-AEA1-4407-AEE3-47EC782250FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98381E61-F082-4302-B51F-5648884F998B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D99A687E-EAE6-417E-A88E-D0082BC194CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B353CE99-D57C-465B-AAB0-73EF581127D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C81647C-9A53-481D-A54C-36770A093F90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8442C20-41F9-47FD-9A12-E724D3A31FD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF77CDCF-B9C9-427D-B2BF-36650FB2148C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13E02156-E748-4820-B76F-7074793837E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6755B6AD-0422-467B-8115-34A60B1D1A40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B76AA310-FEC7-497F-AF04-C3EC1E76C4CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.1x46-d76:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6A2BAF7-8D71-474C-9F72-FF5DABC69749\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:12.3x48-d70:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAB0418C-F53F-4CA9-9AC3-4735A06B19C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:15.1x49-d140:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"63C3C7CE-3877-462F-ACAE-61E196D6F1B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4r2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF8F91A3-DAC7-42E7-8722-17C57115F9AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1r2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"E33DCDB7-DE93-406F-AF78-BD3D9E8D4E2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2r1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6F40716-E190-4C67-BCF8-831069B95398\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"561C1113-3D59-4DD9-ADA7-3C9ECC4632EC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"927EAB8B-EC3B-4B12-85B9-5517EBA49A30\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CEBF85C-736A-4E7D-956A-3E8210D4F70B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD647C15-A686-4C8F-A766-BC29404C0FED\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45AB1622-1AED-4CD7-98F1-67779CDFC321\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89276D88-3B8D-4168-A2CD-0920297485F2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E020556B-693F-4963-BA43-3164AB50FA49\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB0D31FF-0812-42B8-B25E-03C35EC1B021\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB5AB24B-2B43-43DD-AE10-F758B4B19F2A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F9DC32-5ADF-4430-B1A6-357D0B29DB78\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B82D4C4-7A65-409A-926F-33C054DCBFBA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"746C3882-2A5B-4215-B259-EB1FD60C513D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE535749-F4CE-4FFA-B23D-BF09C92481E5\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06A03463-6B1D-4DBA-9E89-CAD5E899B98B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCC5F6F5-4347-49D3-909A-27A3A96D36C9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56BA6B86-D3F4-4496-AE46-AC513C6560FA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5ABA347C-3EF3-4F75-B4D1-54590A57C2BC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FDDC897-747F-44DD-9599-7266F9B5B7B1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62FC145A-D477-4C86-89E7-F70F52773801\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06685D0E-A075-49A5-9EF4-34F0F795C8C6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52F0B735-8C49-4B08-950A-296C9CDE43CA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68CA098D-CBE4-4E62-9EC0-43E1B6098710\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66F474D4-79B6-4525-983C-9A9011BD958B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AA424D4-4DBF-4E8C-96B8-E37741B5403E\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/102716\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1040195\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0101\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0102\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0487\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0488\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kb.isc.org/docs/aa-01542\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/01/msg00029.html\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20180117-0003/\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4089\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.