CVE-2017-3136

MEDIUM

Description

A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -> 9.8.8-P1, 9.9.0 -> 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.0 -> 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0 -> 9.11.0-P3, 9.11.1b1->9.11.1rc1, 9.9.3-S1 -> 9.9.9-S8.

ID	Name	Product	Family	Severity
124936	EulerOS Virtualization 3.0.1.0 : bind (EulerOS-SA-2019-1433)	Nessus	Huawei Local Security Checks	high
121068	Juniper Junos Space 18.4.x < 18.4R1 Multiple Vulnerabilities (JSA10917)	Nessus	Junos Local Security Checks	high
112170	OracleVM 3.3 / 3.4 : bind (OVMSA-2018-0252)	Nessus	OracleVM Local Security Checks	medium
102531	GLSA-201708-01 : BIND: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
101751	Fedora 26 : 32:bind (2017-f9f909a7b7)	Nessus	Fedora Local Security Checks	medium
101692	Fedora 26 : bind99 (2017-a354efc764)	Nessus	Fedora Local Security Checks	medium
101456	Virtuozzo 6 : bind / bind-chroot / bind-devel / bind-libs / etc (VZLSA-2017-1105)	Nessus	Virtuozzo Local Security Checks	medium
101453	Virtuozzo 7 : bind / bind-chroot / bind-devel / bind-libs / etc (VZLSA-2017-1095)	Nessus	Virtuozzo Local Security Checks	medium
100477	Debian DLA-957-1 : bind9 security update	Nessus	Debian Local Security Checks	medium
100167	Debian DSA-3854-1 : bind9 - security update	Nessus	Debian Local Security Checks	medium
100090	OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0100)	Nessus	OracleVM Local Security Checks	medium
100014	Fedora 24 : bind99 (2017-edce28f24b)	Nessus	Fedora Local Security Checks	medium
99944	EulerOS 2.0 SP2 : bind (EulerOS-SA-2017-1078)	Nessus	Huawei Local Security Checks	medium
99943	EulerOS 2.0 SP1 : bind (EulerOS-SA-2017-1077)	Nessus	Huawei Local Security Checks	medium
99714	Amazon Linux AMI : bind (ALAS-2017-826)	Nessus	Amazon Linux Local Security Checks	medium
99605	Fedora 24 : 32:bind (2017-0a876b0ba5)	Nessus	Fedora Local Security Checks	medium
99575	Scientific Linux Security Update : bind on SL6.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	medium
99571	RHEL 6 : bind (RHSA-2017:1105)	Nessus	Red Hat Local Security Checks	medium
99569	OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0066)	Nessus	OracleVM Local Security Checks	critical
99564	Oracle Linux 6 : bind (ELSA-2017-1105)	Nessus	Oracle Linux Local Security Checks	medium
99538	CentOS 6 : bind (CESA-2017:1105)	Nessus	CentOS Local Security Checks	medium
99506	Scientific Linux Security Update : bind on SL7.x x86_64	Nessus	Scientific Linux Local Security Checks	medium
99500	Oracle Linux 7 : bind (ELSA-2017-1095)	Nessus	Oracle Linux Local Security Checks	medium
99499	openSUSE Security Update : bind (openSUSE-2017-491)	Nessus	SuSE Local Security Checks	medium
99495	Fedora 25 : 32:bind (2017-ee4b0f53cb)	Nessus	Fedora Local Security Checks	medium
99488	Fedora 25 : bind99 (2017-44e494db1e)	Nessus	Fedora Local Security Checks	medium
99483	CentOS 7 : bind (CESA-2017:1095)	Nessus	CentOS Local Security Checks	medium
99478	ISC BIND 9 < 9.9.9-P8 / 9.9.9-S10 / 9.9.10rc3 / 9.10.4-P8 / 9.10.5rc3 / 9.11.0-P5 / 9.11.1r3 Multiple Vunlerabilities	Nessus	DNS	high
99455	RHEL 7 : bind (RHSA-2017:1095)	Nessus	Red Hat Local Security Checks	medium
99435	Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : bind9 vulnerabilities (USN-3259-1)	Nessus	Ubuntu Local Security Checks	medium
99378	Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : bind (SSA:2017-103-01)	Nessus	Slackware Local Security Checks	medium
99358	SUSE SLES11 Security Update : bind (SUSE-SU-2017:1000-1)	Nessus	SuSE Local Security Checks	medium
99357	SUSE SLES12 Security Update : bind (SUSE-SU-2017:0999-1)	Nessus	SuSE Local Security Checks	medium
99356	SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2017:0998-1)	Nessus	SuSE Local Security Checks	medium
99325	FreeBSD : BIND -- multiple vulnerabilities (c6861494-1ffb-11e7-934d-d05099c0ae8c)	Nessus	FreeBSD Local Security Checks	medium

CVE-2017-3136

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0