CVE-2018-5743 - OpenCVE

By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -> 9.11.5-S3, and 9.11.5-S5. Versions 9.13.0 -> 9.13.7 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5743.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
F5	Big-ip Access Policy Manager Big-ip Advanced Firewall Manager Big-ip Analytics Big-ip Application Acceleration Manager Big-ip Application Security Manager Big-ip Domain Name System Big-ip Edge Gateway Big-ip Fraud Protection Service Big-ip Global Traffic Manager Big-ip Link Controller Big-ip Local Traffic Manager Big-ip Policy Enforcement Manager Big-ip Webaccelerator Big-iq Centralized Management Enterprise Manager Iworkflow
Isc	Bind
Redhat	Enterprise Linux Rhel Eus

Configuration 1 [-]

OR	cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_local_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.0:::::::*

Configuration 2 [-]

OR	cpe:2.3:a:f5:big-ip_application_acceleration_manager::::::::
	cpe:2.3:a:f5:big-ip_application_acceleration_manager::::::::
	cpe:2.3:a:f5:big-ip_application_acceleration_manager::::::::
	cpe:2.3:a:f5:big-ip_application_acceleration_manager::::::::
	cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.0.0:::::::*

Configuration 3 [-]

OR	cpe:2.3:a:f5:big-ip_advanced_firewall_manager::::::::
	cpe:2.3:a:f5:big-ip_advanced_firewall_manager::::::::
	cpe:2.3:a:f5:big-ip_advanced_firewall_manager::::::::
	cpe:2.3:a:f5:big-ip_advanced_firewall_manager::::::::
	cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.0.0:::::::*

Configuration 4 [-]

OR	cpe:2.3:a:f5:big-ip_analytics::::::::
	cpe:2.3:a:f5:big-ip_analytics::::::::
	cpe:2.3:a:f5:big-ip_analytics::::::::
	cpe:2.3:a:f5:big-ip_analytics::::::::
	cpe:2.3:a:f5:big-ip_analytics:15.0.0:::::::*

Configuration 5 [-]

OR	cpe:2.3:a:f5:big-ip_access_policy_manager::::::::
	cpe:2.3:a:f5:big-ip_access_policy_manager::::::::
	cpe:2.3:a:f5:big-ip_access_policy_manager::::::::
	cpe:2.3:a:f5:big-ip_access_policy_manager::::::::
	cpe:2.3:a:f5:big-ip_access_policy_manager:15.0.0:::::::*

Configuration 6 [-]

OR	cpe:2.3:a:f5:big-ip_application_security_manager::::::::
	cpe:2.3:a:f5:big-ip_application_security_manager::::::::
	cpe:2.3:a:f5:big-ip_application_security_manager::::::::
	cpe:2.3:a:f5:big-ip_application_security_manager::::::::
	cpe:2.3:a:f5:big-ip_application_security_manager:15.0.0:::::::*

Configuration 7 [-]

OR	cpe:2.3:a:f5:big-ip_edge_gateway::::::::
	cpe:2.3:a:f5:big-ip_edge_gateway::::::::
	cpe:2.3:a:f5:big-ip_edge_gateway::::::::
	cpe:2.3:a:f5:big-ip_edge_gateway::::::::
	cpe:2.3:a:f5:big-ip_edge_gateway:15.0.0:::::::*

Configuration 8 [-]

OR	cpe:2.3:a:f5:big-ip_fraud_protection_service::::::::
	cpe:2.3:a:f5:big-ip_fraud_protection_service::::::::
	cpe:2.3:a:f5:big-ip_fraud_protection_service::::::::
	cpe:2.3:a:f5:big-ip_fraud_protection_service::::::::
	cpe:2.3:a:f5:big-ip_fraud_protection_service:15.0.0:::::::*

Configuration 9 [-]

OR	cpe:2.3:a:f5:big-ip_global_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_global_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_global_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_global_traffic_manager::::::::
	cpe:2.3:a:f5:big-ip_global_traffic_manager:15.0.0:::::::*

Configuration 10 [-]

OR	cpe:2.3:a:f5:big-ip_link_controller::::::::
	cpe:2.3:a:f5:big-ip_link_controller::::::::
	cpe:2.3:a:f5:big-ip_link_controller::::::::
	cpe:2.3:a:f5:big-ip_link_controller::::::::
	cpe:2.3:a:f5:big-ip_link_controller:15.0.0:::::::*

Configuration 11 [-]

OR	cpe:2.3:a:f5:big-ip_webaccelerator::::::::
	cpe:2.3:a:f5:big-ip_webaccelerator::::::::
	cpe:2.3:a:f5:big-ip_webaccelerator::::::::
	cpe:2.3:a:f5:big-ip_webaccelerator::::::::
	cpe:2.3:a:f5:big-ip_webaccelerator:15.0.0:::::::*

Configuration 12 [-]

OR	cpe:2.3:a:f5:big-ip_policy_enforcement_manager::::::::
	cpe:2.3:a:f5:big-ip_policy_enforcement_manager::::::::
	cpe:2.3:a:f5:big-ip_policy_enforcement_manager::::::::
	cpe:2.3:a:f5:big-ip_policy_enforcement_manager::::::::
	cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.0.0:::::::*

Configuration 13 [-]

OR	cpe:2.3:a:isc:bind::::::::
	cpe:2.3:a:isc:bind::::::::
	cpe:2.3:a:isc:bind::::::::
	cpe:2.3:a:isc:bind::::::::
	cpe:2.3:a:isc:bind:9.9.3:s1:::supported_preview:::*
	cpe:2.3:a:isc:bind:9.10.8:p1::::::
	cpe:2.3:a:isc:bind:9.11.5:s3:::supported_preview:::*
	cpe:2.3:a:isc:bind:9.11.5:s5:::supported_preview:::*
	cpe:2.3:a:isc:bind:9.14.0:::::::*

Configuration 14 [-]

cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*

Configuration 15 [-]

OR	cpe:2.3:a:f5:big-iq_centralized_management::::::::
	cpe:2.3:a:f5:big-iq_centralized_management::::::::

Configuration 16 [-]

cpe:2.3:a:f5:iworkflow:2.3.0:*:*:*:*:*:*:*

Configuration 17 [-]

OR	cpe:2.3:a:f5:big-ip_domain_name_system::::::::
	cpe:2.3:a:f5:big-ip_domain_name_system::::::::
	cpe:2.3:a:f5:big-ip_domain_name_system::::::::
	cpe:2.3:a:f5:big-ip_domain_name_system::::::::
	cpe:2.3:a:f5:big-ip_domain_name_system:15.0.0:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 6
bind-32:9.8.2-0.68.rc1.el6_10.3	cpe:/o:redhat:enterprise_linux:6	RHSA-2019:1492	2019-06-17T00:00:00Z
Red Hat Enterprise Linux 7
bind-32:9.9.4-74.el7_6.1	cpe:/o:redhat:enterprise_linux:7	RHSA-2019:1294	2019-05-29T00:00:00Z
Red Hat Enterprise Linux 7.4 Extended Update Support
bind-32:9.9.4-51.el7_4.3	cpe:/o:redhat:rhel_eus:7.4	RHSA-2019:2698	2019-09-12T00:00:00Z
Red Hat Enterprise Linux 7.5 Extended Update Support
bind-32:9.9.4-61.el7_5.2	cpe:/o:redhat:rhel_eus:7.5	RHSA-2019:2977	2019-10-08T00:00:00Z
Red Hat Enterprise Linux 8
bind-32:9.11.4-17.P2.el8_0	cpe:/a:redhat:enterprise_linux:8	RHSA-2019:1145	2019-05-13T00:00:00Z
bind-32:9.11.4-17.P2.el8_0	cpe:/o:redhat:enterprise_linux:8	RHSA-2019:1145	2019-05-13T00:00:00Z

References

Link	Providers
https://kb.isc.org/docs/cve-2018-5743
https://nvd.nist.gov/vuln/detail/CVE-2018-5743
https://support.f5.com/csp/article/K74009656?utm_source=f5support&amp%3Butm_medium=RSS
https://www.cve.org/CVERecord?id=CVE-2018-5743
https://www.synology.com/security/advisory/Synology_SA_19_20

History

No history.

MITRE

Status: PUBLISHED

Assigner: isc

Published: 2019-10-09T14:17:14.293079Z

Updated: 2024-09-17T02:26:38.493Z

Reserved: 2018-01-17T00:00:00

Link: CVE-2018-5743

Vulnrichment

No data.

NVD

Status : Modified

Published: 2019-10-09T16:15:13.763

Modified: 2023-11-07T02:58:49.943

Link: CVE-2018-5743

Redhat

Severity : Important

Publid Date: 2019-04-24T00:00:00Z

Links: CVE-2018-5743 - Bugzilla

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object