Bind@9.12.0 Security Vulnerabilities and Issues — Bind@9.12.0 CVE List

Lucene search

IscBind9.12.0

4 matches found

CVE•added 2019/01/16 8:29 p.m.•583 views

CVE-2017-3145

BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, ...

7.5CVSS7.7AI score0.05766EPSS

CVE•added 2019/01/16 8:29 p.m.•165 views

CVE-2018-5738

Change #4777 (introduced in October 2017) introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver. The intended (and documented) behavior is that if an operator has not specified a value for t...

7.5CVSS6.2AI score0.01793EPSS

CVE•added 2019/01/16 8:29 p.m.•122 views

CVE-2018-5736

An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. This defect could be deliberately exercised by an attacker who is permitted to cause a vulnerable se...

5.3CVSS5.7AI score0.44156EPSS

CVE•added 2019/01/16 8:29 p.m.•95 views

CVE-2018-5737

A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. Additionally, problematic interaction between the serve-stale feature and NSEC aggressive negative caching can in some cases cause undesir...

7.5CVSS6.3AI score0.01256EPSS