{"containers": {"cna": {"affected": [{"product": "BIND 9", "vendor": "ISC", "versions": [{"status": "affected", "version": "BIND 9 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2"}]}], "configurations": [{"lang": "en", "value": "Only servers which have explicitly enabled the \"deny-answer-aliases\" feature are at risk and disabling the feature prevents exploitation."}], "credits": [{"lang": "en", "value": "ISC would like to thank Tony Finch of the University of Cambridge for reporting this issue."}], "datePublic": "2018-08-08T00:00:00", "descriptions": [{"lang": "en", "value": "\"deny-answer-aliases\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients.", "lang": "en", "type": "text"}, {"description": "Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients. Only servers which have explicitly enabled the \"deny-answer-aliases\" feature are at risk and disabling the feature prevents exploitation.", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-11-02T03:06:16", "orgId": "404fd4d2-a609-4245-b543-2c944a302a22", "shortName": "isc"}, "references": [{"name": "105055", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/105055"}, {"name": "[debian-lts-announce] 20180830 [SECURITY] [DLA 1485-1] bind9 security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html"}, {"name": "RHSA-2018:2570", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2570"}, {"name": "RHSA-2018:2571", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:2571"}, {"name": "USN-3769-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3769-2/"}, {"name": "1041436", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1041436"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20180926-0003/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://kb.isc.org/docs/aa-01639"}, {"name": "USN-3769-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3769-1/"}, {"name": "GLSA-201903-13", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201903-13"}, {"name": "openSUSE-SU-2019:1533", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html"}, {"name": "openSUSE-SU-2019:1532", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03927en_us"}, {"name": "[debian-lts-announce] 20211102 [SECURITY] [DLA 2807-1] bind9 security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html"}], "solutions": [{"lang": "en", "value": "Most operators will not need to make any changes unless they are using the \"deny-answer-aliases\" feature (which is described in the BIND 9 Adminstrator Reference Manual section 6.2.) \"deny-answer-aliases\" is off by default; only configurations which explicitly enable it can be affected by this defect.\n\nIf you are using \"deny-answer-aliases\", upgrade to the patched release most closely related to your current version of BIND.\n\n 9.9.13-P1\n 9.10.8-P1\n 9.11.4-P1\n 9.12.2-P1\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n 9.11.3-S3"}], "source": {"discovery": "EXTERNAL"}, "title": "A flaw in the \"deny-answer-aliases\" feature can cause an assertion failure in named", "workarounds": [{"lang": "en", "value": "This vulnerability can be avoided by disabling the \"deny-answer-aliases\" feature if it is in use."}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-officer@isc.org", "DATE_PUBLIC": "2018-08-08T08:00:00.000Z", "ID": "CVE-2018-5740", "STATE": "PUBLIC", "TITLE": "A flaw in the \"deny-answer-aliases\" feature can cause an assertion failure in named"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "BIND 9", "version": {"version_data": [{"version_name": "BIND 9", "version_value": "9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2"}]}}]}, "vendor_name": "ISC"}]}}, "configuration": [{"lang": "en", "value": "Only servers which have explicitly enabled the \"deny-answer-aliases\" feature are at risk and disabling the feature prevents exploitation."}], "credit": [{"lang": "eng", "value": "ISC would like to thank Tony Finch of the University of Cambridge for reporting this issue."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "\"deny-answer-aliases\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients."}, {"lang": "eng", "value": "Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients. Only servers which have explicitly enabled the \"deny-answer-aliases\" feature are at risk and disabling the feature prevents exploitation."}]}]}, "references": {"reference_data": [{"name": "105055", "refsource": "BID", "url": "http://www.securityfocus.com/bid/105055"}, {"name": "[debian-lts-announce] 20180830 [SECURITY] [DLA 1485-1] bind9 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html"}, {"name": "RHSA-2018:2570", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2570"}, {"name": "RHSA-2018:2571", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2571"}, {"name": "USN-3769-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3769-2/"}, {"name": "1041436", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041436"}, {"name": "https://security.netapp.com/advisory/ntap-20180926-0003/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20180926-0003/"}, {"name": "https://kb.isc.org/docs/aa-01639", "refsource": "CONFIRM", "url": "https://kb.isc.org/docs/aa-01639"}, {"name": "USN-3769-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3769-1/"}, {"name": "GLSA-201903-13", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201903-13"}, {"name": "openSUSE-SU-2019:1533", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html"}, {"name": "openSUSE-SU-2019:1532", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html"}, {"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03927en_us", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03927en_us"}, {"name": "[debian-lts-announce] 20211102 [SECURITY] [DLA 2807-1] bind9 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html"}]}, "solution": [{"lang": "en", "value": "Most operators will not need to make any changes unless they are using the \"deny-answer-aliases\" feature (which is described in the BIND 9 Adminstrator Reference Manual section 6.2.) \"deny-answer-aliases\" is off by default; only configurations which explicitly enable it can be affected by this defect.\n\nIf you are using \"deny-answer-aliases\", upgrade to the patched release most closely related to your current version of BIND.\n\n 9.9.13-P1\n 9.10.8-P1\n 9.11.4-P1\n 9.12.2-P1\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n 9.11.3-S3"}], "source": {"discovery": "EXTERNAL"}, "work_around": [{"lang": "en", "value": "This vulnerability can be avoided by disabling the \"deny-answer-aliases\" feature if it is in use."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T05:40:51.365Z"}, "title": "CVE Program Container", "references": [{"name": "105055", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/105055"}, {"name": "[debian-lts-announce] 20180830 [SECURITY] [DLA 1485-1] bind9 security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html"}, {"name": "RHSA-2018:2570", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2570"}, {"name": "RHSA-2018:2571", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:2571"}, {"name": "USN-3769-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3769-2/"}, {"name": "1041436", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1041436"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20180926-0003/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.isc.org/docs/aa-01639"}, {"name": "USN-3769-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3769-1/"}, {"name": "GLSA-201903-13", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201903-13"}, {"name": "openSUSE-SU-2019:1533", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html"}, {"name": "openSUSE-SU-2019:1532", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03927en_us"}, {"name": "[debian-lts-announce] 20211102 [SECURITY] [DLA 2807-1] bind9 security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html"}]}]}, "cveMetadata": {"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22", "assignerShortName": "isc", "cveId": "CVE-2018-5740", "datePublished": "2019-01-16T20:00:00Z", "dateReserved": "2018-01-17T00:00:00", "dateUpdated": "2024-09-16T17:58:43.029Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "matchCriteriaId": "DCCA7B30-3344-4718-8B34-FE60CCE4487C", "versionEndExcluding": "9.8.8", "versionStartIncluding": "9.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "matchCriteriaId": "7F17A1AB-48E7-48B7-97CC-BD270649F856", "versionEndExcluding": "9.9.13", "versionStartIncluding": "9.9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF340133-E86A-4A6D-9775-E66B46829700", "versionEndExcluding": "9.10.8", "versionStartIncluding": "9.10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "matchCriteriaId": "94AD1D77-45DD-49F2-AA16-6E3A3BF8F5C9", "versionEndExcluding": "9.11.4", "versionStartIncluding": "9.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "matchCriteriaId": "5464FDED-E02B-486F-8699-CB7B9D623A59", "versionEndExcluding": "9.12.2", "versionStartIncluding": "9.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*", "matchCriteriaId": "0484A7C1-5E99-49A6-BE21-BB201D2D0EFA", "versionEndExcluding": "9.13.2", "versionStartIncluding": "9.13.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*", "matchCriteriaId": "E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*", "matchCriteriaId": "F480AA32-841A-4E68-9343-B2E7548B0A0C", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "\"deny-answer-aliases\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2."}, {"lang": "es", "value": "\"deny-answer-aliases\" es una caracter\u00edstica poco utilizada que pretende ayudar a los operadores recursivos del servidor a proteger a los usuarios finales contra ataques de reenlace DNS, un m\u00e9todo para poder eludir el modelo de seguridad empleado por los navegadores del cliente. Sin embargo, un defecto en esta caracter\u00edstica hace que sea sencillo experimentar un fallo de aserci\u00f3n en name.c. Afecta a BIND desde la versi\u00f3n 9.7.0 hasta la versi\u00f3n 9.8.8, desde la versi\u00f3n 9.9.0 hasta la versi\u00f3n 9.9.13, desde la versi\u00f3n 9.10.0 hasta la versi\u00f3n 9.10.8, desde la versi\u00f3n 9.11.0 hasta la versi\u00f3n 9.11.4, desde la versi\u00f3n 9.12.0 hasta la versi\u00f3n 9.12.2 y desde la versi\u00f3n 9.13.0 hasta la versi\u00f3n 9.13.2."}], "id": "CVE-2018-5740", "lastModified": "2022-04-12T18:34:07.933", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-officer@isc.org", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-01-16T20:29:01.017", "references": [{"source": "security-officer@isc.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html"}, {"source": "security-officer@isc.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html"}, {"source": "security-officer@isc.org", "tags": ["VDB Entry", "Third Party Advisory"], "url": "http://www.securityfocus.com/bid/105055"}, {"source": "security-officer@isc.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1041436"}, {"source": "security-officer@isc.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2570"}, {"source": "security-officer@isc.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:2571"}, {"source": "security-officer@isc.org", "tags": ["Vendor Advisory"], "url": "https://kb.isc.org/docs/aa-01639"}, {"source": "security-officer@isc.org", "tags": ["Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html"}, {"source": "security-officer@isc.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html"}, {"source": "security-officer@isc.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201903-13"}, {"source": "security-officer@isc.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20180926-0003/"}, {"source": "security-officer@isc.org", "tags": ["Third Party Advisory"], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03927en_us"}, {"source": "security-officer@isc.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3769-1/"}, {"source": "security-officer@isc.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3769-2/"}], "sourceIdentifier": "security-officer@isc.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-617"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tony Finch (University of Cambridge) as the original reporter.", "affected_release": [{"advisory": "RHSA-2018:2571", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "bind-32:9.8.2-0.68.rc1.el6_10.1", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2018-08-27T00:00:00Z"}, {"advisory": "RHSA-2018:2570", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "bind-32:9.9.4-61.el7_5.1", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2018-08-27T00:00:00Z"}], "bugzilla": {"description": "bind: processing of certain records when \"deny-answer-aliases\" is in use may trigger an assert leading to a denial of service", "id": "1613595", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1613595"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-617", "details": ["\"deny-answer-aliases\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.", "A denial of service flaw was discovered in bind versions that include the \"deny-answer-aliases\" feature. This flaw may allow a remote attacker to trigger an INSIST assert in named leading to termination of the process and a denial of service condition."], "mitigation": {"lang": "en:us", "value": "Disabling the \"deny-answer-aliases\" configuration option should prevent exploitation."}, "name": "CVE-2018-5740", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "bind", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "bind97", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "bind", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:rhev_hypervisor:4", "fix_state": "Not affected", "package_name": "bind", "product_name": "Red Hat Virtualization 4"}], "public_date": "2018-08-08T21:30:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-5740\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-5740\nhttps://kb.isc.org/article/AA-01639/74/CVE-2018-5740"], "statement": "The \"deny-answer-aliases\" configuration option is not enabled in default configurations of bind. Upstream states that this option is very rarely used. As such, if customers have not specifically enabled this option in configurations, the risk should be mitigated.", "threat_severity": "Important", "upstream_fix": "bind 9.9.13-P1, bind 9.10.8-P1, bind 9.11.4-P1, bind 9.12.2-P1, bind 9.11.3-S3"}