The vulnerability of the BIND DNS server, related to the lack of use of the assert() function, allows a hacker to trigger a service failure.

🗓️ 31 May 2024 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

Bind domain name server vulnerability from insufficient assert usage; may trigger service failure via named parameter during domain name system sixty four.

Reporter	Title	Published	Views	Family All 171
IBM Security Bulletins	Security Bulletin: Vulnerabilities in bind and dnsmasq affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products	26 Feb 202515:47	–	ibm
IBM Security Bulletins	Security Bulletin: AIX is vulnerable to denial of service due to ISC BIND	5 Jun 202416:04	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Observability with Instana using third-party Kubernetes Operators is affected by Multiple Security Vulnerabilities	13 Jun 202406:21	–	ibm
IBM Security Bulletins	Security Bulletin: ISC BIND on IBM i is vulnerable to denial of service attacks due to multiple vulnerabilities.	1 Mar 202415:22	–	ibm
Tenable Nessus	Amazon Linux 2023 : bind, bind-chroot, bind-devel (ALAS2023-2024-550)	6 Mar 202400:00	–	nessus
Tenable Nessus	AlmaLinux 8 : bind9.16 (ALSA-2024:1781)	12 Apr 202400:00	–	nessus
Tenable Nessus	AlmaLinux 9 : bind (ALSA-2024:1789)	12 Apr 202400:00	–	nessus
Tenable Nessus	Azure Linux 3.0 Security Update: bind (CVE-2023-5679)	10 Feb 202500:00	–	nessus
Tenable Nessus	ISC BIND 9.16.12 < 9.16.48 / 9.16.12-S1 < 9.16.48-S1 / 9.18.0 < 9.18.24 / 9.18.11-S1 < 9.18.24-S1 / 9.19.0 < 9.19.21 Assertion Failure (cve-2023-5679)	13 Feb 202400:00	–	nessus
Tenable Nessus	Debian dsa-5621 : bind9 - security update	14 Feb 202400:00	–	nessus

Vulners

Node

novell suse_manager_retail_branch_serverMatch4.3

novell suse_manager_proxyMatch4.3

novell suse_manager_serverMatch4.3

internet_systems_consortium bindRange9.18.0–9.18.21

internet_systems_consortium bindRange9.19.0–9.19.19

internet_systems_consortium bindRange9.16.12–9.16.45

internet_systems_consortium bindRange9.16.12-s1–9.16.45-s1

internet_systems_consortium bindRange9.18.11-s1–9.18.21-s1

novell opensuse_leapMatch15.5

red_hat red_hat_enterprise_linuxMatch8

oracle oracle_linuxMatch8

red_hat red_hat_enterprise_linuxMatch9

fedora fedoraMatch38

fedora fedoraMatch39

oracle oracle_linuxMatch9

canonical ubuntuMatch23.10

novell suse_liberty_linuxMatch9

novell suse_liberty_linuxMatch8

Source	Link
kb	www.kb.isc.org/docs/cve-2023-5679
openwall	www.openwall.com/lists/oss-security/2024/02/13/1
security-tracker	www.security-tracker.debian.org/tracker/CVE-2023-5679
ubuntu	www.ubuntu.com/security/notices/USN-6633-1
access	www.access.redhat.com/security/cve/cve-2023-5679
suse	www.suse.com/security/cve/CVE-2023-5679.html
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/HVRDSJVZKMCXKKPP6PNR62T7RWZ3YSDZ/
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/PNNHZSZPG2E7NBMBNYPGHCFI4V4XRWNQ/
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/RGS7JN6FZXUSTC2XKQHH27574XOULYYJ/
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/ZDZFMEKQTZ4L7RY46FCENWFB5MDT263R/

26 Aug 2024 00:00Current

7.2High risk

Vulners AI Score7.2

CVSS 37.5

CVSS 27.8

EPSS0.01231