Executive Summary

Informations
NameCVE-2017-3136First vendor Publication2019-01-16
VendorCveLast vendor Modification2019-02-11

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Cvss Base Score4.3Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -> 9.8.8-P1, 9.9.0 -> 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.0 -> 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0 -> 9.11.0-P3, 9.11.1b1->9.11.1rc1, 9.9.3-S1 -> 9.9.9-S8.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3136

CWE : Common Weakness Enumeration

%idName
100 %CWE-20Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Application148
Application1
Application1
Application1
Os1
Os2
Os2
Os3
Os4
Os2
Os2

Nessus® Vulnerability Scanner

DateDescription
2019-01-10Name : The remote device is affected by multiple vulnerabilities.
File : juniper_space_jsa10917_184R1.nasl - Type : ACT_GATHER_INFO
2017-08-17Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201708-01.nasl - Type : ACT_GATHER_INFO
2017-07-17Name : The remote Fedora host is missing a security update.
File : fedora_2017-a354efc764.nasl - Type : ACT_GATHER_INFO
2017-07-17Name : The remote Fedora host is missing a security update.
File : fedora_2017-f9f909a7b7.nasl - Type : ACT_GATHER_INFO
2017-07-13Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-1095.nasl - Type : ACT_GATHER_INFO
2017-07-13Name : The remote Virtuozzo host is missing a security update.
File : Virtuozzo_VZLSA-2017-1105.nasl - Type : ACT_GATHER_INFO
2017-05-30Name : The remote Debian host is missing a security update.
File : debian_DLA-957.nasl - Type : ACT_GATHER_INFO
2017-05-15Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3854.nasl - Type : ACT_GATHER_INFO
2017-05-10Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0100.nasl - Type : ACT_GATHER_INFO
2017-05-08Name : The remote Fedora host is missing a security update.
File : fedora_2017-edce28f24b.nasl - Type : ACT_GATHER_INFO
2017-05-03Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1077.nasl - Type : ACT_GATHER_INFO
2017-05-03Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2017-1078.nasl - Type : ACT_GATHER_INFO
2017-04-28Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2017-826.nasl - Type : ACT_GATHER_INFO
2017-04-24Name : The remote Fedora host is missing a security update.
File : fedora_2017-0a876b0ba5.nasl - Type : ACT_GATHER_INFO
2017-04-21Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2017-1105.nasl - Type : ACT_GATHER_INFO
2017-04-21Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2017-1105.nasl - Type : ACT_GATHER_INFO
2017-04-21Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2017-0066.nasl - Type : ACT_GATHER_INFO
2017-04-21Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-1105.nasl - Type : ACT_GATHER_INFO
2017-04-21Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20170420_bind_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2017-04-20Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2017-1095.nasl - Type : ACT_GATHER_INFO
2017-04-20Name : The remote Fedora host is missing a security update.
File : fedora_2017-44e494db1e.nasl - Type : ACT_GATHER_INFO
2017-04-20Name : The remote Fedora host is missing a security update.
File : fedora_2017-ee4b0f53cb.nasl - Type : ACT_GATHER_INFO
2017-04-20Name : The remote openSUSE host is missing a security update.
File : openSUSE-2017-491.nasl - Type : ACT_GATHER_INFO
2017-04-20Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2017-1095.nasl - Type : ACT_GATHER_INFO
2017-04-20Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20170419_bind_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2017-04-19Name : The remote name server is affected by multiple vulnerabilities.
File : bind9_CVE-2017-3138.nasl - Type : ACT_GATHER_INFO
2017-04-19Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2017-1095.nasl - Type : ACT_GATHER_INFO
2017-04-18Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-3259-1.nasl - Type : ACT_GATHER_INFO
2017-04-14Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2017-103-01.nasl - Type : ACT_GATHER_INFO
2017-04-13Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_c68614941ffb11e7934dd05099c0ae8c.nasl - Type : ACT_GATHER_INFO
2017-04-13Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-0998-1.nasl - Type : ACT_GATHER_INFO
2017-04-13Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-0999-1.nasl - Type : ACT_GATHER_INFO
2017-04-13Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2017-1000-1.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/97653
CONFIRM https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId...
https://kb.isc.org/docs/aa-01465
https://security.netapp.com/advisory/ntap-20180802-0002/
DEBIAN https://www.debian.org/security/2017/dsa-3854
GENTOO https://security.gentoo.org/glsa/201708-01
REDHAT https://access.redhat.com/errata/RHSA-2017:1095
https://access.redhat.com/errata/RHSA-2017:1105
SECTRACK http://www.securitytracker.com/id/1038259

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2019-02-12 00:18:49
  • Multiple Updates
2019-01-17 17:18:52
  • Multiple Updates
2019-01-17 00:19:17
  • First insertion