CVE-2017-3145

🗓️ 16 Jan 2019 20:29:00Reported by [email protected]Type

Improper BIND cleanup operation sequencing leading to use-after-free erro

Reporter	Title	Published	Views	Family All 140
ALT Linux	Security fix for the ALT Linux 8 package bind version 9.10.8.P1-alt1	26 Aug 201900:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 9 package bind version 9.11.2.P1-alt1	17 Jan 201800:00	–	altlinux
IBM Security Bulletins	Security Bulletin: IBM i is affected by networking BIND vulnerability CVE-2017-3145	18 Dec 201914:26	–	ibm
IBM Security Bulletins	Security Bulletin: A vulnerability in bind affects PowerKVM	18 Jun 201801:41	–	ibm
IBM Security Bulletins	Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by a vulnerability in bind (CVE-2017-3145)	10 Sep 201819:03	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in bind affects IBM Integrated Management Module II (IMM2)	7 Dec 202322:31	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by a vulnerability in bind (CVE-2017-3145)	7 Dec 202322:31	–	ibm
Tenable Nessus	Amazon Linux 2 : bind (ALAS-2018-954)	18 Apr 201800:00	–	nessus
Tenable Nessus	Amazon Linux AMI : bind (ALAS-2018-954)	22 Feb 201800:00	–	nessus
Tenable Nessus	ISC BIND 9 < 9.9.11-P1 / 9.9.11-S2 / 9.10.6-P1 / 9.10.6-S2 / 9.11.2-P1 / 9.12.0rc2 Multiple Vulnerabilities	19 Jan 201800:00	–	nessus

NVD

Node

isc bindRange9.4.0–9.8.8

isc bindRange9.9.0–9.9.11

isc bindRange9.10.0–9.10.6

isc bindRange9.11.0–9.11.2

isc bindMatch9.9.3s1

isc bindMatch9.9.11s1

isc bindMatch9.10.5s1

isc bindMatch9.10.6s1

isc bindMatch9.12.0alpha1

isc bindMatch9.12.0b1

isc bindMatch9.12.0b2

isc bindMatch9.12.0rc1

Node

redhat enterprise_linux_desktopMatch6.0

redhat enterprise_linux_desktopMatch7.0

redhat enterprise_linux_serverMatch6.0

redhat enterprise_linux_serverMatch7.0

redhat enterprise_linux_server_ausMatch6.4

redhat enterprise_linux_server_ausMatch6.5

redhat enterprise_linux_server_ausMatch6.6

redhat enterprise_linux_server_ausMatch7.2

redhat enterprise_linux_server_ausMatch7.3

redhat enterprise_linux_server_ausMatch7.4

redhat enterprise_linux_server_ausMatch7.6

redhat enterprise_linux_server_eusMatch6.7

redhat enterprise_linux_server_eusMatch7.3

redhat enterprise_linux_server_eusMatch7.4

redhat enterprise_linux_server_eusMatch7.5

redhat enterprise_linux_server_eusMatch7.6

redhat enterprise_linux_server_tusMatch6.6

redhat enterprise_linux_server_tusMatch7.2

redhat enterprise_linux_server_tusMatch7.3

redhat enterprise_linux_server_tusMatch7.6

redhat enterprise_linux_workstationMatch6.0

redhat enterprise_linux_workstationMatch7.0

Node

debian debian_linuxMatch7.0

debian debian_linuxMatch8.0

debian debian_linuxMatch9.0

Node

netapp data_ontap_edgeMatch-

Node

juniper junosMatch12.1x46-d76-

juniper junosMatch12.3x48-d70-

juniper junosMatch15.1x49-d140-

juniper junosMatch17.4r2-

juniper junosMatch18.1r2-

juniper junosMatch18.2r1-

AND

juniper srx100Match-

juniper srx110Match-

juniper srx1400Match-

juniper srx1500Match-

juniper srx210Match-

juniper srx220Match-

juniper srx240Match-

juniper srx240h2Match-

juniper srx240mMatch-

juniper srx300Match-

juniper srx320Match-

juniper srx340Match-

juniper srx3400Match-

juniper srx345Match-

juniper srx3600Match-

juniper srx380Match-

juniper srx4000Match-

juniper srx4100Match-

juniper srx4200Match-

juniper srx4600Match-

juniper srx5000Match-

juniper srx5400Match-

juniper srx550Match-

juniper srx550_hmMatch-

juniper srx550mMatch-

juniper srx5600Match-

juniper srx5800Match-

juniper srx650Match-

Source	Link
securitytracker	www.securitytracker.com/id/1040195
kb	www.kb.isc.org/docs/aa-01542
security	www.security.netapp.com/advisory/ntap-20180117-0003/
access	www.access.redhat.com/errata/RHSA-2018:0488
debian	www.debian.org/security/2018/dsa-4089
access	www.access.redhat.com/errata/RHSA-2018:0487
lists	www.lists.debian.org/debian-lts-announce/2018/01/msg00029.html
access	www.access.redhat.com/errata/RHSA-2018:0102
supportportal	www.supportportal.juniper.net/s/article/2018-07-Security-Bulletin-SRX-Series-Vulnerabilities-in-ISC-BIND-named
access	www.access.redhat.com/errata/RHSA-2018:0101

21 Nov 2024 03:24Current

7.5High risk

Vulners AI Score7.5

CVSS 25

CVSS 3.17.5

CVSS 37.5

EPSS0.0799

CWE-416