CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
98.7%
It was discovered that Bind incorrectly handled certain malformed responses to an ANY query. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service (CVE-2016-9131). It was discovered that Bind incorrectly handled certain malformed responses to an ANY query. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service (CVE-2016-9147). It was discovered that Bind incorrectly handled certain malformed DS record responses. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service (CVE-2016-9444). An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met the criteria for the vulnerability and if the attacker could cause it to accept a query that possessed the required attributes (CVE-2016-9778). It was discovered that Bind incorrectly handled rewriting certain query responses when using both DNS64 and RPZ. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service (CVE-2017-3135). Oleg Gorokhov discovered that in some situations, Bind did not properly handle DNS64 queries. An attacker could use this to cause a denial of service (CVE-2017-3136). It was discovered that the resolver in Bind made incorrect assumptions about ordering when processing responses containing a CNAME or DNAME. An attacker could use this cause a denial of service (CVE-2017-3137). Mike Lalumiere discovered that in some situations, Bind did not properly handle invalid operations requested via its control channel. An attacker with access to the control channel could cause a denial of service (CVE-2017-3138). Clément Berthaux discovered that Bind did not correctly check TSIG authentication for zone transfer requests. An attacker could use this to improperly transfer entire zones (CVE-2017-3142). Clément Berthaux discovered that Bind did not correctly check TSIG authentication for zone update requests. An attacker could use this to improperly perform zone updates (CVE-2017-3143).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 5 | noarch | bind | < 9.10.5.P3-1 | bind-9.10.5.P3-1.mga5 |
bugs.mageia.org/show_bug.cgi?id=20107
ftp.isc.org/isc/bind9/9.10.5-P3/RELEASE-NOTES-bind-9.10.5-P3.html
kb.isc.org/article/AA-01439
kb.isc.org/article/AA-01440
kb.isc.org/article/AA-01441
kb.isc.org/article/AA-01442
kb.isc.org/article/AA-01447
kb.isc.org/article/AA-01453
kb.isc.org/article/AA-01455
kb.isc.org/article/AA-01465
kb.isc.org/article/AA-01466
kb.isc.org/article/AA-01471
kb.isc.org/article/AA-01484
kb.isc.org/article/AA-01503
kb.isc.org/article/AA-01504
kb.isc.org/article/AA-01508
usn.ubuntu.com/usn/usn-3172-1/
usn.ubuntu.com/usn/usn-3201-1/
usn.ubuntu.com/usn/usn-3259-1/
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
98.7%