Lucene search
HistoryOct 09, 2019 - 4:15 p.m.
CVE-2019-6471
cve-2019-6471
bind
race condition
assertion failure
nvd
security vulnerability
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.7 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
45.0%
A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1.
Affected configurations
Node
f5big-ip_local_traffic_managerRange11.5.2–11.5.9
ORf5big-ip_local_traffic_managerRange11.6.1–11.6.4
ORf5big-ip_local_traffic_managerRange12.1.0–12.1.4
ORf5big-ip_local_traffic_managerRange13.1.0–13.1.1
ORf5big-ip_local_traffic_managerMatch14.0.0
ORf5big-ip_local_traffic_managerMatch14.1.0
ORf5big-ip_local_traffic_managerMatch15.0.0
Node
f5big-ip_application_acceleration_managerRange11.5.2–11.5.9
ORf5big-ip_application_acceleration_managerRange11.6.1–11.6.4
ORf5big-ip_application_acceleration_managerRange12.1.0–12.1.4
ORf5big-ip_application_acceleration_managerRange13.1.0–13.1.1
ORf5big-ip_application_acceleration_managerMatch14.0.0
ORf5big-ip_application_acceleration_managerMatch14.1.0
ORf5big-ip_application_acceleration_managerMatch15.0.0
Node
f5big-ip_advanced_firewall_managerRange11.5.2–11.5.9
ORf5big-ip_advanced_firewall_managerRange11.6.1–11.6.4
ORf5big-ip_advanced_firewall_managerRange12.1.0–12.1.4
ORf5big-ip_advanced_firewall_managerRange13.1.0–13.1.1
ORf5big-ip_advanced_firewall_managerMatch14.0.0
ORf5big-ip_advanced_firewall_managerMatch14.1.0
ORf5big-ip_advanced_firewall_managerMatch15.0.0
Node
f5big-ip_analyticsRange11.5.2–11.5.9
ORf5big-ip_analyticsRange11.6.1–11.6.4
ORf5big-ip_analyticsRange12.1.0–12.1.4
ORf5big-ip_analyticsRange13.1.0–13.1.1
ORf5big-ip_analyticsMatch14.0.0
ORf5big-ip_analyticsMatch14.1.0
ORf5big-ip_analyticsMatch15.0.0
Node
f5big-ip_access_policy_managerRange11.5.2–11.5.9
ORf5big-ip_access_policy_managerRange11.6.1–11.6.4
ORf5big-ip_access_policy_managerRange12.1.0–12.1.4
ORf5big-ip_access_policy_managerRange13.1.0–13.1.1
ORf5big-ip_access_policy_managerMatch14.0.0
ORf5big-ip_access_policy_managerMatch14.1.0
ORf5big-ip_access_policy_managerMatch15.0.0
Node
f5big-ip_application_security_managerRange11.5.2–11.5.9
ORf5big-ip_application_security_managerRange11.6.1–11.6.4
ORf5big-ip_application_security_managerRange12.1.0–12.1.4
ORf5big-ip_application_security_managerRange13.1.0–13.1.1
ORf5big-ip_application_security_managerMatch14.0.0
ORf5big-ip_application_security_managerMatch14.1.0
ORf5big-ip_application_security_managerMatch15.0.0
Node
f5big-ip_edge_gatewayRange11.5.2–11.5.9
ORf5big-ip_edge_gatewayRange11.6.1–11.6.4
ORf5big-ip_edge_gatewayRange12.1.0–12.1.4
ORf5big-ip_edge_gatewayRange13.1.0–13.1.1
ORf5big-ip_edge_gatewayMatch14.0.0
ORf5big-ip_edge_gatewayMatch14.1.0
ORf5big-ip_edge_gatewayMatch15.0.0
Node
f5big-ip_fraud_protection_serviceRange11.5.2–11.5.9
ORf5big-ip_fraud_protection_serviceRange11.6.1–11.6.4
ORf5big-ip_fraud_protection_serviceRange12.1.0–12.1.4
ORf5big-ip_fraud_protection_serviceRange13.1.0–13.1.1
ORf5big-ip_fraud_protection_serviceMatch14.0.0
ORf5big-ip_fraud_protection_serviceMatch14.1.0
ORf5big-ip_fraud_protection_serviceMatch15.0.0
Node
f5big-ip_global_traffic_managerRange11.5.2–11.5.9
ORf5big-ip_global_traffic_managerRange11.6.1–11.6.4
ORf5big-ip_global_traffic_managerRange12.1.0–12.1.4
ORf5big-ip_global_traffic_managerRange13.1.0–13.1.1
ORf5big-ip_global_traffic_managerMatch9.2.2
ORf5big-ip_global_traffic_managerMatch14.0.0
ORf5big-ip_global_traffic_managerMatch14.1.0
ORf5big-ip_global_traffic_managerMatch15.0.0
Node
f5big-ip_link_controllerRange11.5.2–11.5.9
ORf5big-ip_link_controllerRange11.6.1–11.6.4
ORf5big-ip_link_controllerRange12.1.0–12.1.4
ORf5big-ip_link_controllerRange13.1.0–13.1.1
ORf5big-ip_link_controllerMatch9.2.2
ORf5big-ip_link_controllerMatch14.0.0
ORf5big-ip_link_controllerMatch14.1.0
ORf5big-ip_link_controllerMatch15.0.0
Node
f5big-ip_webacceleratorRange11.5.2–11.5.9
ORf5big-ip_webacceleratorRange11.6.1–11.6.4
ORf5big-ip_webacceleratorRange12.1.0–12.1.4
ORf5big-ip_webacceleratorRange13.1.0–13.1.1
ORf5big-ip_webacceleratorMatch9.2.2
ORf5big-ip_webacceleratorMatch14.0.0
ORf5big-ip_webacceleratorMatch14.1.0
ORf5big-ip_webacceleratorMatch15.0.0
Node
f5big-ip_policy_enforcement_managerRange11.5.2–11.5.9
ORf5big-ip_policy_enforcement_managerRange11.6.1–11.6.4
ORf5big-ip_policy_enforcement_managerRange12.1.0–12.1.4
ORf5big-ip_policy_enforcement_managerRange13.1.0–13.1.1
ORf5big-ip_policy_enforcement_managerMatch9.2.2
ORf5big-ip_policy_enforcement_managerMatch14.0.0
ORf5big-ip_policy_enforcement_managerMatch14.1.0
ORf5big-ip_policy_enforcement_managerMatch15.0.0
Node
iscbindRange9.11.0–9.11.7
ORiscbindRange9.12.0–9.12.3
ORiscbindRange9.13.0–9.13.7
ORiscbindRange9.14.0–9.14.2
ORiscbindRange9.15.0–9.15.5
ORiscbindMatch9.11.3s1supported_preview
ORiscbindMatch9.11.7s1supported_preview
ORiscbindMatch9.12.4-
ORiscbindMatch9.12.4p1
Node
f5enterprise_managerMatch3.1.1
Node
f5big-iq_centralized_managementRange5.1.0–5.4.0
ORf5big-iq_centralized_managementRange6.0.0–6.1.0
Node
f5iworkflowMatch2.3.0
Node
f5big-ip_domain_name_systemRange11.5.2–11.5.9
ORf5big-ip_domain_name_systemRange11.6.1–11.6.4
ORf5big-ip_domain_name_systemRange12.1.0–12.1.4
ORf5big-ip_domain_name_systemRange13.1.0–13.1.1
ORf5big-ip_domain_name_systemMatch9.2.2
ORf5big-ip_domain_name_systemMatch14.0.0
ORf5big-ip_domain_name_systemMatch14.1.0
ORf5big-ip_domain_name_systemMatch15.0.0
CNA Affected
[
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1."
}
]
}
]Related
ubuntu
ubuntu
Bind vulnerability
2019-06-20 00:00:00
f5
f5
K10092301 : BIND vulnerability CVE-2019-6471
2019-07-23 00:00:00
oraclelinux
oraclelinux
bind security update
2019-07-30 00:00:00
bind security and bug fix update
2019-11-14 00:00:00
bind security, bug fix, and enhancement update
2019-08-13 00:00:00
suse
suse
Security update for bind (important)
2019-10-06 00:00:00
Security update for bind (important)
2019-10-06 00:00:00
nessus
nessus
Slackware 14.0 / 14.1 / 14.2 / current : bind (SSA:2019-171-01)
2019-06-21 00:00:00
openSUSE Security Update : bind (openSUSE-2019-2265)
2019-10-07 00:00:00
openSUSE Security Update : bind (openSUSE-2019-2263)
2019-10-07 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: dnsperf-2.3.0-1.fc30
2019-07-22 01:04:31
[SECURITY] Fedora 30 Update: dhcp-4.3.6-35.fc30
2019-07-22 01:04:31
[SECURITY] Fedora 29 Update: dhcp-4.3.6-34.fc29
2019-09-14 01:54:49
alpinelinux
alpinelinux
CVE-2019-6471
2019-10-09 16:15:17
ibm
ibm
cvelist
cvelist
openvas
openvas
Fedora Update for dnsperf FEDORA-2019-f72801c260
2019-07-22 00:00:00
Fedora Update for bind-dyndb-ldap FEDORA-2019-f72801c260
2019-07-22 00:00:00
Fedora Update for dhcp FEDORA-2019-d04f66e595
2019-09-15 00:00:00
nvd
nvd
CVE-2019-6471
2019-10-09 16:15:17
redhat
redhat
(RHSA-2019:1714) Important: bind security update
2019-07-09 20:01:09
slackware
slackware
[slackware-security] bind
2019-06-20 18:56:39
ubuntucve
ubuntucve
CVE-2019-6471
2019-06-19 00:00:00
debiancve
debiancve
CVE-2019-6471
2019-10-09 16:15:17
cisa
cisa
ISC Releases BIND Security Updates
2019-06-19 00:00:00
redhatcve
redhatcve
CVE-2019-6471
2020-03-30 01:50:44
veracode
veracode
Denial Of Service (DoS)
2020-12-06 04:49:02
altlinux
altlinux
Security fix for the ALT Linux 9 package bind version 9.11.8-alt1
2019-06-20 00:00:00
Security fix for the ALT Linux 10 package bind version 9.11.8-alt1
2019-06-20 00:00:00
prion
prion
Race condition
2019-10-09 16:15:00
osv
osv
CVE-2019-6471
2019-10-09 16:15:17
mageia
mageia
Updated bind packages fix security vulnerabilities
2019-10-24 00:06:40
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2020-2.0-0199
2020-01-05 00:00:00
Important Photon OS Security Update - PHSA-2019-0199
2019-12-30 00:00:00
Critical Photon OS Security Update - PHSA-2020-0049
2020-01-18 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.7 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
45.0%
Related for CVE-2019-6471