CVE-2018-5734 (GCVE-0-2018-5734)
Vulnerability from cvelistv5
Published
2019-01-16 20:00
Modified
2024-09-17 02:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Servers running the affected versions (9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, and 9.10.6-S2) are vulnerable if they allow recursion, unless the SERVFAIL cache is disabled for the receiving view.
Summary
While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:40:51.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01562"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"name": "103189",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/103189"
},
{
"name": "1040438",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040438"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2"
}
]
}
],
"datePublic": "2018-02-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn\u0027t contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Servers running the affected versions (9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, and 9.10.6-S2) are vulnerable if they allow recursion, unless the SERVFAIL cache is disabled for the receiving view.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-01-17T10:57:01",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01562"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"name": "103189",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/103189"
},
{
"name": "1040438",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040438"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the patched release.\n\n No publicly released versions of BIND are affected\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.10.6-S3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "A malformed request can trigger an assertion failure in badcache.c",
"workarounds": [
{
"lang": "en",
"value": "Disabling the SERVFAIL cache with \u0027servfail-ttl 0;\u0027 will prevent taking the code path that leads to the assertion failure."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2018-02-28T00:00:00.000Z",
"ID": "CVE-2018-5734",
"STATE": "PUBLIC",
"TITLE": "A malformed request can trigger an assertion failure in badcache.c"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_value": "9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn\u0027t contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Servers running the affected versions (9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, and 9.10.6-S2) are vulnerable if they allow recursion, unless the SERVFAIL cache is disabled for the receiving view."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.isc.org/docs/aa-01562",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01562"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180926-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
},
{
"name": "103189",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103189"
},
{
"name": "1040438",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040438"
}
]
},
"solution": [
{
"lang": "en",
"value": "Upgrade to the patched release.\n\n No publicly released versions of BIND are affected\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.10.6-S3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"work_around": [
{
"lang": "en",
"value": "Disabling the SERVFAIL cache with \u0027servfail-ttl 0;\u0027 will prevent taking the code path that leads to the assertion failure."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2018-5734",
"datePublished": "2019-01-16T20:00:00Z",
"dateReserved": "2018-01-17T00:00:00",
"dateUpdated": "2024-09-17T02:31:46.321Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…