An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2.
http://www.securityfocus.com/bid/99337
http://www.securitytracker.com/id/1038809
https://access.redhat.com/errata/RHSA-2017:1679
https://access.redhat.com/errata/RHSA-2017:1680
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03772en_us
https://kb.isc.org/docs/aa-01503
Source: MITRE
Published: 2019-01-16
Updated: 2019-10-03
Type: NVD-CWE-noinfo
CVSS v2
Base Score: 4.3
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Impact Score: 2.9
Exploitability Score: 8.6
Severity: MEDIUM
CVSS v3.0
Base Score: 5.9
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Impact Score: 3.6
Exploitability Score: 2.2
Severity: MEDIUM
OR
cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:* versions from 9.4.0 to 9.8.8 (inclusive)
cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:* versions from 9.9.0 to 9.9.10 (inclusive)
cpe:2.3:a:isc:bind:9.9.0:p1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.10:s2:*:*:*:*:*:*
cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:* versions from 9.10.0 to 9.10.5 (inclusive)
cpe:2.3:a:isc:bind:9.10.5:p1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.5:s1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.5:s2:*:*:*:*:*:*
cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:* versions from 9.11.0 to 9.11.1 (inclusive)
OR
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
137170 | OracleVM 3.3 / 3.4 : bind (OVMSA-2020-0021) | Nessus | OracleVM Local Security Checks | critical |
127330 | NewStart CGSL MAIN 4.05 : bind Multiple Vulnerabilities (NS-SA-2019-0102) | Nessus | NewStart CGSL Local Security Checks | medium |
124936 | EulerOS Virtualization 3.0.1.0 : bind (EulerOS-SA-2019-1433) | Nessus | Huawei Local Security Checks | medium |
121068 | Juniper Junos Space 18.4.x < 18.4R1 Multiple Vulnerabilities (JSA10917) | Nessus | Junos Local Security Checks | high |
119217 | Virtuozzo 6 : bind / bind-chroot / bind-devel / bind-libs / etc (VZLSA-2017-1679) | Nessus | Virtuozzo Local Security Checks | medium |
112170 | OracleVM 3.3 / 3.4 : bind (OVMSA-2018-0252) | Nessus | OracleVM Local Security Checks | medium |
105435 | F5 Networks BIG-IP : BIND vulnerability (K02230327) | Nessus | F5 Networks Local Security Checks | medium |
104579 | Virtuozzo 7 : bind / bind-chroot / bind-devel / bind-libs / etc (VZLSA-2017-1680) | Nessus | Virtuozzo Local Security Checks | medium |
103319 | Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : bind9 regression (USN-3346-2) | Nessus | Ubuntu Local Security Checks | medium |
102822 | AIX bind Advisory : bind_advisory16.asc (IV98826) (IV98827) | Nessus | AIX Local Security Checks | high |
102388 | Fedora 24 : 12:dhcp / bind99 (2017-59127a606c) | Nessus | Fedora Local Security Checks | medium |
102228 | EulerOS 2.0 SP2 : bind (EulerOS-SA-2017-1141) | Nessus | Huawei Local Security Checks | medium |
102227 | EulerOS 2.0 SP1 : bind (EulerOS-SA-2017-1140) | Nessus | Huawei Local Security Checks | medium |
101933 | Amazon Linux AMI : bind (ALAS-2017-858) | Nessus | Amazon Linux Local Security Checks | medium |
101677 | Fedora 26 : 12:dhcp / bind99 (2017-87f1f8c798) | Nessus | Fedora Local Security Checks | medium |
101603 | Fedora 26 : 32:bind (2017-30f678e62a) | Nessus | Fedora Local Security Checks | medium |
101536 | Debian DLA-1025-1 : bind9 security update | Nessus | Debian Local Security Checks | medium |
101494 | Fedora 24 : 32:bind / bind-dyndb-ldap / dnsperf (2017-001f135337) | Nessus | Fedora Local Security Checks | medium |
101326 | Fedora 25 : 12:dhcp / bind99 (2017-167cfa7b09) | Nessus | Fedora Local Security Checks | medium |
101322 | Debian DSA-3904-1 : bind9 - security update | Nessus | Debian Local Security Checks | medium |
101280 | openSUSE Security Update : bind (openSUSE-2017-783) | Nessus | SuSE Local Security Checks | medium |
101257 | Scientific Linux Security Update : bind on SL7.x x86_64 (20170705) | Nessus | Scientific Linux Local Security Checks | medium |
101256 | Scientific Linux Security Update : bind on SL6.x i386/x86_64 (20170705) | Nessus | Scientific Linux Local Security Checks | medium |
101254 | RHEL 7 : bind (RHSA-2017:1680) | Nessus | Red Hat Local Security Checks | medium |
101253 | RHEL 6 : bind (RHSA-2017:1679) | Nessus | Red Hat Local Security Checks | medium |
101252 | OracleVM 3.3 / 3.4 : bind (OVMSA-2017-0122) | Nessus | OracleVM Local Security Checks | medium |
101250 | Oracle Linux 7 : bind (ELSA-2017-1680) | Nessus | Oracle Linux Local Security Checks | medium |
101249 | Oracle Linux 6 : bind (ELSA-2017-1679) | Nessus | Oracle Linux Local Security Checks | medium |
101246 | Fedora 25 : 32:bind / bind-dyndb-ldap / dnsperf (2017-d04f7ddd73) | Nessus | Fedora Local Security Checks | medium |
101236 | CentOS 7 : bind (CESA-2017:1680) | Nessus | CentOS Local Security Checks | medium |
101235 | CentOS 6 : bind (CESA-2017:1679) | Nessus | CentOS Local Security Checks | medium |
101232 | ISC BIND 9 < 9.9.10-P2 / 9.9.10-S3 / 9.10.5-P2 / 9.10.5-S3 / 9.11.1-P2 Multiple Vulnerabilities | Nessus | DNS | medium |
101157 | Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : bind9 vulnerabilities (USN-3346-1) | Nessus | Ubuntu Local Security Checks | medium |
101147 | SUSE SLES12 Security Update : bind (SUSE-SU-2017:1738-1) | Nessus | SuSE Local Security Checks | medium |
101146 | SUSE SLES11 Security Update : bind (SUSE-SU-2017:1737-1) | Nessus | SuSE Local Security Checks | medium |
101145 | SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2017:1736-1) | Nessus | SuSE Local Security Checks | medium |
101116 | Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : bind (SSA:2017-180-02) | Nessus | Slackware Local Security Checks | medium |