CVE-2019-6465

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465.

References

https://access.redhat.com/errata/RHSA-2019:3552

https://kb.isc.org/docs/cve-2019-6465

Details

Source: MITRE

Published: 2019-10-09

Updated: 2019-12-16

Type: CWE-732

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 5.3

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Impact Score: 1.4

Exploitability Score: 3.9

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:* versions from 9.9.0 to 9.10.7 (inclusive)

cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.10.8:-:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.10.8:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:* versions from 9.11.0 to 9.11.4 (inclusive)

cpe:2.3:a:isc:bind:9.11.5:-:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.11.5:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.11.5:p2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.11.5:s3:*:*:supported_preview:*:*:*

cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:* versions from 9.12.0 to 9.12.2 (inclusive)

cpe:2.3:a:isc:bind:9.12.3:-:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.12.3:p1:*:*:*:*:*:*

cpe:2.3:a:isc:bind:9.12.3:p2:*:*:*:*:*:*

cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:* versions from 9.13.0 to 9.13.6 (inclusive)

Configuration 2

OR

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Tenable Plugins

View all (25 total)

IDNameProductFamilySeverity
144003NewStart CGSL CORE 5.05 / MAIN 5.05 : bind Multiple Vulnerabilities (NS-SA-2020-0095)NessusNewStart CGSL Local Security Checks
medium
143897NewStart CGSL CORE 5.04 / MAIN 5.04 : bind Multiple Vulnerabilities (NS-SA-2020-0063)NessusNewStart CGSL Local Security Checks
medium
138043Amazon Linux 2 : bind (ALAS-2020-1441)NessusAmazon Linux Local Security Checks
medium
135801Scientific Linux Security Update : bind on SL7.x x86_64 (20200407)NessusScientific Linux Local Security Checks
medium
135622EulerOS Virtualization 3.0.2.2 : bind (EulerOS-SA-2020-1460)NessusHuawei Local Security Checks
medium
135328CentOS 7 : bind (CESA-2020:1061)NessusCentOS Local Security Checks
medium
135069RHEL 7 : bind (RHSA-2020:1061)NessusRed Hat Local Security Checks
medium
134492EulerOS Virtualization for ARM 64 3.0.2.0 : bind (EulerOS-SA-2020-1203)NessusHuawei Local Security Checks
medium
132274EulerOS 2.0 SP3 : bind (EulerOS-SA-2019-2557)NessusHuawei Local Security Checks
medium
131607EulerOS 2.0 SP2 : bind (EulerOS-SA-2019-2453)NessusHuawei Local Security Checks
medium
131486EulerOS Virtualization for ARM 64 3.0.3.0 : bind (EulerOS-SA-2019-2321)NessusHuawei Local Security Checks
high
130837EulerOS 2.0 SP5 : bind (EulerOS-SA-2019-2128)NessusHuawei Local Security Checks
medium
130551RHEL 8 : bind (RHSA-2019:3552)NessusRed Hat Local Security Checks
medium
129526SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2019:2502-1)NessusSuSE Local Security Checks
medium
128191EulerOS 2.0 SP8 : bind (EulerOS-SA-2019-1822)NessusHuawei Local Security Checks
medium
125808openSUSE Security Update : bind (openSUSE-2019-1533)NessusSuSE Local Security Checks
medium
125807openSUSE Security Update : bind (openSUSE-2019-1532)NessusSuSE Local Security Checks
medium
125799SUSE SLES12 Security Update : bind (SUSE-SU-2019:1449-1)NessusSuSE Local Security Checks
medium
125759SUSE SLES11 Security Update : bind (SUSE-SU-2019:14074-1)NessusSuSE Local Security Checks
high
125703SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2019:1407-1)NessusSuSE Local Security Checks
medium
124722Debian DSA-4440-1 : bind9 - security updateNessusDebian Local Security Checks
medium
122553F5 Networks BIG-IP : BIND vulnerability (K01713115)NessusF5 Networks Local Security Checks
medium
122513Debian DLA-1697-1 : bind9 security updatNessusDebian Local Security Checks
medium
122507ISC BIND Multiple VulnerabilitiesNessusDNS
medium
122399Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 18.10 : Bind vulnerabilities (USN-3893-1)NessusUbuntu Local Security Checks
medium