This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Isc First view 2010-10-05
Product Bind Last view 2020-08-21
Version 9.7.2b1 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:isc:bind

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
4.3 2020-08-21 CVE-2020-8624

In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone's content could abuse these unintended additional privileges to update other contents of the zone.

7.5 2020-08-21 CVE-2020-8623

In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with "--enable-native-pkcs11" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker

6.5 2020-08-21 CVE-2020-8622

In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit.

7.5 2020-08-21 CVE-2020-8621

In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not affected.

7.5 2020-08-21 CVE-2020-8620

In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit.

4.9 2020-06-17 CVE-2020-8619

In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk ("*") character, this defect cannot be encountered. A would-be attacker who is allowed to change zone content could theoretically introduce such a record in order to exploit this condition to cause denial of service, though we consider the use of this vector unlikely because any such attack would require a significant privilege level and be easily traceable.

4.9 2020-06-17 CVE-2020-8618

An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.

7.5 2020-05-19 CVE-2020-8617

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results.

8.6 2020-05-19 CVE-2020-8616

A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and The attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor.

7.5 2019-11-26 CVE-2019-6477

With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to handle. When a TCP connection with a large number of pipelined queries is closed, the load on the server releasing these multiple resources can cause it to become unresponsive, even for queries that can be answered authoritatively or from cache. (This is most likely to be perceived as an intermittent server problem).

5.9 2019-11-05 CVE-2013-5661

Cache Poisoning issue exists in DNS Response Rate Limiting.

7.5 2019-10-30 CVE-2018-5742

While backporting a feature for a newer branch of BIND9, RedHat introduced a path leading to an assertion failure in buffer.c:420. Affects RedHat versions bind-9.9.4-65.el7 -> bind-9.9.4-72.el7. No ISC releases are affected. Other packages from other distributions who made the same error may also be affected.

7.5 2019-10-17 CVE-2019-6476

A defect in code added to support QNAME minimization can cause named to exit with an assertion failure if a forwarder returns a referral rather than resolving the query. This affects BIND versions 9.14.0 up to 9.14.6, and 9.15.0 up to 9.15.4.

7.5 2019-10-17 CVE-2019-6475

Mirror zones are a BIND feature allowing recursive servers to pre-cache zone data provided by other servers. A mirror zone is similar to a zone of type secondary, except that its data is subject to DNSSEC validation before being used in answers, as if it had been looked up via traditional recursion, and when mirror zone data cannot be validated, BIND falls back to using traditional recursion instead of the mirror zone. However, an error in the validity checks for the incoming zone data can allow an on-path attacker to replace zone data that was validated with a configured trust anchor with forged data of the attacker's choosing. The mirror zone feature is most often used to serve a local copy of the root zone. If an attacker was able to insert themselves into the network path between a recursive server using a mirror zone and a root name server, this vulnerability could then be used to cause the recursive server to accept a copy of falsified root zone data. This affects BIND versions 9.14.0 up to 9.14.6, and 9.15.0 up to 9.15.4.

5.9 2019-10-09 CVE-2019-6471

A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1.

7.5 2019-10-09 CVE-2019-6467

A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAIN redirection for recursive clients, is also serving a local copy of the root zone or using mirroring to provide the root zone, although other configurations are also possible. Versions affected: BIND 9.12.0-> 9.12.4, 9.14.0. Also affects all releases in the 9.13 development branch.

5.3 2019-10-09 CVE-2019-6465

Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465.

4.9 2019-10-09 CVE-2018-5745

"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertion failure if, during key rollover, a trust anchor's keys are replaced with keys which use an unsupported algorithm. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5745.

7.5 2019-10-09 CVE-2018-5744

A failure to free memory can occur when processing messages having a specific combination of EDNS options. Versions affected are: BIND 9.10.7 -> 9.10.8-P1, 9.11.3 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.10.7-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected.

7.5 2019-10-09 CVE-2018-5743

By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -> 9.11.5-S3, and 9.11.5-S5. Versions 9.13.0 -> 9.13.7 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5743.

6.5 2019-01-16 CVE-2018-5741

To provide fine-grained controls over the ability to use Dynamic DNS (DDNS) to update records in a zone, BIND 9 provides a feature called update-policy. Various rules can be configured to limit the types of updates that can be performed by a client, depending on the key used when sending the update request. Unfortunately, some rule types were not initially documented, and when documentation for them was added to the Administrator Reference Manual (ARM) in change #3112, the language that was added to the ARM at that time incorrectly described the behavior of two rule types, krb5-subdomain and ms-subdomain. This incorrect documentation could mislead operators into believing that policies they had configured were more restrictive than they actually were. This affects BIND versions prior to BIND 9.11.5 and BIND 9.12.3.

7.5 2019-01-16 CVE-2018-5740

"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.

7.5 2019-01-16 CVE-2017-3145

BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1.

5.9 2019-01-16 CVE-2017-3143

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2.

3.7 2019-01-16 CVE-2017-3142

An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection with no other ACL protection could be manipulated into: providing an AXFR of a zone to an unauthorized recipient or accepting bogus NOTIFY packets. Affects BIND 9.4.0->9.8.8, 9.9.0->9.9.10-P1, 9.10.0->9.10.5-P1, 9.11.0->9.11.1-P1, 9.9.3-S1->9.9.10-S2, 9.10.5-S1->9.10.5-S2.

CWE : Common Weakness Enumeration

%idName
28% (10) CWE-617 Reachable Assertion
25% (9) CWE-20 Improper Input Validation
8% (3) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
5% (2) CWE-269 Improper Privilege Management
2% (1) CWE-772 Missing Release of Resource after Effective Lifetime
2% (1) CWE-770 Allocation of Resources Without Limits or Throttling
2% (1) CWE-732 Incorrect Permission Assignment for Critical Resource
2% (1) CWE-428 Unquoted Search Path or Element
2% (1) CWE-416 Use After Free
2% (1) CWE-404 Improper Resource Shutdown or Release
2% (1) CWE-362 Race Condition
2% (1) CWE-345 Insufficient Verification of Data Authenticity
2% (1) CWE-327 Use of a Broken or Risky Cryptographic Algorithm
2% (1) CWE-290 Authentication Bypass by Spoofing
2% (1) CWE-19 Data Handling

Open Source Vulnerability Database (OSVDB)

id Description
73605 ISC BIND UPDATE Request Parsing Remote DoS
68271 ISC BIND DNSSEC Query Validation Response Signature Handling Remote DoS

OpenVAS Exploits

id Description
2012-09-10 Name : Slackware Advisory SSA:2011-189-01 bind
File : nvt/esoft_slk_ssa_2011_189_01.nasl
2012-09-10 Name : Slackware Advisory SSA:2011-224-01 bind
File : nvt/esoft_slk_ssa_2011_224_01.nasl
2012-08-10 Name : Gentoo Security Advisory GLSA 201206-01 (bind)
File : nvt/glsa_201206_01.nasl
2012-07-30 Name : CentOS Update for bind97 CESA-2011:0926 centos5 x86_64
File : nvt/gb_CESA-2011_0926_bind97_centos5_x86_64.nasl
2012-03-16 Name : VMSA-2011-0004.3 VMware ESX/ESXi SLPD denial of service vulnerability and ESX...
File : nvt/gb_VMSA-2011-0004.nasl
2011-11-28 Name : Fedora Update for bind FEDORA-2011-16002
File : nvt/gb_fedora_2011_16002_bind_fc14.nasl
2011-10-20 Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2011-006)
File : nvt/gb_macosx_su11-006.nasl
2011-08-18 Name : SuSE Update for bind SUSE-SA:2011:029
File : nvt/gb_suse_2011_029.nasl
2011-08-09 Name : CentOS Update for bind CESA-2010:0976 centos5 i386
File : nvt/gb_CESA-2010_0976_bind_centos5_i386.nasl
2011-08-09 Name : CentOS Update for bind97 CESA-2011:0926 centos5 i386
File : nvt/gb_CESA-2011_0926_bind97_centos5_i386.nasl
2011-08-03 Name : FreeBSD Ports: bind96
File : nvt/freebsd_bind96.nasl
2011-08-03 Name : Debian Security Advisory DSA 2272-1 (bind9)
File : nvt/deb_2272_1.nasl
2011-07-27 Name : Fedora Update for bind FEDORA-2011-9127
File : nvt/gb_fedora_2011_9127_bind_fc14.nasl
2011-07-22 Name : Mandriva Update for bind MDVSA-2011:115 (bind)
File : nvt/gb_mandriva_MDVSA_2011_115.nasl
2011-07-18 Name : Fedora Update for bind FEDORA-2011-9146
File : nvt/gb_fedora_2011_9146_bind_fc15.nasl
2011-07-08 Name : RedHat Update for bind RHSA-2011:0926-01
File : nvt/gb_RHSA-2011_0926-01_bind.nasl
2011-07-08 Name : Ubuntu Update for bind9 USN-1163-1
File : nvt/gb_ubuntu_USN_1163_1.nasl
2011-06-06 Name : Ubuntu Update for bind9 USN-1139-1
File : nvt/gb_ubuntu_USN_1139_1.nasl
2011-01-14 Name : ISC BIND 9 < 9.7.2-P2 Multiple Vulnerabilities
File : nvt/gb_bind_9_7_2_P2.nasl
2010-12-28 Name : RedHat Update for bind RHSA-2010:0976-01
File : nvt/gb_RHSA-2010_0976-01_bind.nasl
2010-12-28 Name : Mandriva Update for bind MDVSA-2010:253 (bind)
File : nvt/gb_mandriva_MDVSA_2010_253.nasl
2010-09-30 Name : ISC BIND Denial Of Service and Security Bypass Vulnerability
File : nvt/gb_bind_43573.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0208 Multiple Vulnerabilities in ISC BIND
Severity: Category I - VMSKEY: V0061377
2015-B-0099 McAfee Firewall Enterprise Denial of Service Vulnerability
Severity: Category I - VMSKEY: V0061291
2011-A-0066 Multiple Vulnerabilities in VMware Products
Severity: Category I - VMSKEY: V0027158

Snort® IPS/IDS

Date Description
2020-09-02 BIND DNS server TSIG denial of service attempt
RuleID : 54630 - Type : PROTOCOL-DNS - Revision : 1
2020-01-03 ISC BIND deny-answer-aliases denial of service attempt
RuleID : 52344 - Type : SERVER-OTHER - Revision : 1
2020-01-03 ISC BIND deny-answer-aliases denial of service attempt
RuleID : 52343 - Type : SERVER-OTHER - Revision : 1
2019-12-05 ISC BIND DHCP client DNAME resource record parsing denial of service attempt
RuleID : 52078 - Type : SERVER-OTHER - Revision : 1
2019-09-24 ISC BIND multiple ENDS Key Tag options denial of service attempt
RuleID : 51144 - Type : SERVER-OTHER - Revision : 1
2016-11-08 ISC BIND isc__buffer_add assertion failure denial of service attempt
RuleID : 40344 - Type : PROTOCOL-DNS - Revision : 2
2016-03-14 ISC BIND zero length OPENPGPKEY rdata response attempt
RuleID : 36130 - Type : PROTOCOL-DNS - Revision : 4
2015-10-20 ISC BIND DNSSEC response unsupported cryptographic algorithm attempt
RuleID : 36056 - Type : PROTOCOL-DNS - Revision : 2
2015-10-20 ISC BIND DNSSEC response unsupported DNSKEY cryptographic algorithm attempt
RuleID : 36055 - Type : PROTOCOL-DNS - Revision : 3
2015-09-03 ISC BIND TKEY query processing denial of service attempt
RuleID : 35943 - Type : PROTOCOL-DNS - Revision : 2
2015-09-03 ISC BIND TKEY query processing denial of service attempt
RuleID : 35942 - Type : PROTOCOL-DNS - Revision : 2
2015-09-03 ISC BIND TKEY Query denial of service attempt
RuleID : 35425 - Type : SERVER-OTHER - Revision : 3
2015-09-03 ISC BIND TKEY Query denial of service attempt
RuleID : 35424 - Type : SERVER-OTHER - Revision : 3

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-10 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa10917_184R1.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-5417ca3713.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-a54e46032f.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-f22b937f52.nasl - Type: ACT_GATHER_INFO
2018-11-28 Name: The remote name server is affected by a policy bypass which enables an unauth...
File: bind9_CVE-2018-5741.nasl - Type: ACT_GATHER_INFO
2018-11-27 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZLSA-2017-1679.nasl - Type: ACT_GATHER_INFO
2018-11-05 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL98528405.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL08613310.nasl - Type: ACT_GATHER_INFO
2018-10-26 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1328.nasl - Type: ACT_GATHER_INFO
2018-10-26 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1343.nasl - Type: ACT_GATHER_INFO
2018-10-15 Name: The remote Fedora host is missing a security update.
File: fedora_2018-54d84b0b0c.nasl - Type: ACT_GATHER_INFO
2018-09-27 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1281.nasl - Type: ACT_GATHER_INFO
2018-09-27 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1282.nasl - Type: ACT_GATHER_INFO
2018-09-27 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2018-1082.nasl - Type: ACT_GATHER_INFO
2018-09-20 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1082.nasl - Type: ACT_GATHER_INFO
2018-08-31 Name: The remote Debian host is missing a security update.
File: debian_DLA-1485.nasl - Type: ACT_GATHER_INFO
2018-08-29 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-2570.nasl - Type: ACT_GATHER_INFO
2018-08-29 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2018-2571.nasl - Type: ACT_GATHER_INFO
2018-08-23 Name: The remote Fedora host is missing a security update.
File: fedora_2018-90f8fbd58e.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0021.nasl - Type: ACT_GATHER_INFO
2018-08-16 Name: The remote name server is affected by a denial of service vulnerability.
File: bind9_9122_p1.nasl - Type: ACT_GATHER_INFO
2018-08-13 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2018-222-01.nasl - Type: ACT_GATHER_INFO
2018-04-18 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2018-954.nasl - Type: ACT_GATHER_INFO
2018-02-22 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-954.nasl - Type: ACT_GATHER_INFO
2018-02-13 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1037.nasl - Type: ACT_GATHER_INFO