Lucene search

K
amazonAmazonALAS-2019-1244
HistoryJul 17, 2019 - 11:52 p.m.

Important: bind

2019-07-1723:52:00
alas.aws.amazon.com
105

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

57.6%

Issue Overview:

A flaw was found in the way bind implemented tunable which limited simultaneous TCP client connections. A remote attacker could use this flaw to exhaust the pool of file descriptors available to named, potentially affecting network connections and the management of files such as log files or zone journal files. In cases where the named process is not limited by OS-enforced per-process limits, this could additionally potentially lead to exhaustion of all available free file descriptors on that system. (CVE-2018-5743)

Affected Packages:

bind

Issue Correction:
Run yum update bind to update your system.

New Packages:

i686:  
    bind-9.8.2-0.68.rc1.60.amzn1.i686  
    bind-utils-9.8.2-0.68.rc1.60.amzn1.i686  
    bind-libs-9.8.2-0.68.rc1.60.amzn1.i686  
    bind-chroot-9.8.2-0.68.rc1.60.amzn1.i686  
    bind-devel-9.8.2-0.68.rc1.60.amzn1.i686  
    bind-sdb-9.8.2-0.68.rc1.60.amzn1.i686  
    bind-debuginfo-9.8.2-0.68.rc1.60.amzn1.i686  
  
src:  
    bind-9.8.2-0.68.rc1.60.amzn1.src  
  
x86_64:  
    bind-chroot-9.8.2-0.68.rc1.60.amzn1.x86_64  
    bind-debuginfo-9.8.2-0.68.rc1.60.amzn1.x86_64  
    bind-sdb-9.8.2-0.68.rc1.60.amzn1.x86_64  
    bind-9.8.2-0.68.rc1.60.amzn1.x86_64  
    bind-devel-9.8.2-0.68.rc1.60.amzn1.x86_64  
    bind-utils-9.8.2-0.68.rc1.60.amzn1.x86_64  
    bind-libs-9.8.2-0.68.rc1.60.amzn1.x86_64  

Additional References

Red Hat: CVE-2018-5743

Mitre: CVE-2018-5743

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

57.6%