CVSS: 7.5EPSS: 1%CPEs: 6EXPL: 0CVE-2018-5734 – A malformed request can trigger an assertion failure in badcache.c
https://notcve.org/view.php?id=CVE-2018-5734
While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2. Al gestionar un tipo concreto de paquete mal formado, BIND selecciona erróneamente un rcode SERVFAIL en lugar de un rcode FORMERR. Si la vista que se está recibiendo tiene la característica de caché SERVFAIL habilitada, esto puede desencadenar un fallo de aserción en badcache.c cuando la petición no contiene toda la información esperada. • http://www.securityfocus.com/bid/103189 http://www.securitytracker.com/id/1040438 https://kb.isc.org/docs/aa-01562 https://security.netapp.com/advisory/ntap-20180926-0005 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2018-5737 – BIND 9.12's serve-stale implementation can cause an assertion failure in rbtdb.c or other undesirable behavior, even if serve-stale is not enabled.
https://notcve.org/view.php?id=CVE-2018-5737
A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. Additionally, problematic interaction between the serve-stale feature and NSEC aggressive negative caching can in some cases cause undesirable behavior from named, such as a recursion loop or excessive logging. Deliberate exploitation of this condition could cause operational problems depending on the particular manifestation -- either degradation or denial of service. Affects BIND 9.12.0 and 9.12.1. Un problema con la implementación de la nueva característica "serve-stale" en BIND 9.12 puede conducir a un fallo de aserción en rbtdb.c, incluso cuando stale-answer-enable está desactivado. • http://www.securityfocus.com/bid/104236 http://www.securitytracker.com/id/1040942 https://kb.isc.org/docs/aa-01606 https://security.netapp.com/advisory/ntap-20180926-0004 • CWE-617: Reachable Assertion •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2018-5736
https://notcve.org/view.php?id=CVE-2018-5736
An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. This defect could be deliberately exercised by an attacker who is permitted to cause a vulnerable server to initiate zone transfers (for example: by sending valid NOTIFY messages), causing the named process to exit after failing the assertion test. Affects BIND 9.12.0 and 9.12.1. Un error en el conteo de la base de datos de la zona puede conducir a un fallo de aserción si un servidor que está ejecutando una versión afectada de BIND intenta realizar varias transferencias hacia una zona esclava en rápida sucesión. Este defecto podría ser aprovechado deliberadamente por un atacante al que se le permite hacer que un servidor vulnerable inicie transferencias de zona (por ejemplo, mediante el envío de mensajes NOTIFY válidos), lo que provoca que el proceso named se cierre tras fallar la prueba de aserción. • http://www.securityfocus.com/bid/104386 http://www.securitytracker.com/id/1040941 https://kb.isc.org/docs/aa-01602 https://security.netapp.com/advisory/ntap-20180926-0004 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-5739 – Failure to release memory may exhaust system resources
https://notcve.org/view.php?id=CVE-2018-5739
An extension to hooks capabilities which debuted in Kea 1.4.0 introduced a memory leak for operators who are using certain hooks library facilities. In order to support multiple requests simultaneously, Kea 1.4 added a callout handle store but unfortunately the initial implementation of this store does not properly free memory in every case. Hooks which make use of query4 or query6 parameters in their callouts can leak memory, resulting in the eventual exhaustion of available memory and subsequent failure of the server process. Affects Kea DHCP 1.4.0. Una extensión de las capacidades de enlace que debutó en Kea 1.4.0 introdujo una fuga de memoria para los operadores que emplean ciertas características de la biblioteca de enlaces. • https://kb.isc.org/docs/aa-01626 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 94%CPEs: 26EXPL: 0CVE-2018-5740 – A flaw in the "deny-answer-aliases" feature can cause an assertion failure in named
https://notcve.org/view.php?id=CVE-2018-5740
"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2. "deny-answer-aliases" es una característica poco utilizada que pretende ayudar a los operadores recursivos del servidor a proteger a los usuarios finales contra ataques de reenlace DNS, un método para poder eludir el modelo de seguridad empleado por los navegadores del cliente. Sin embargo, un defecto en esta característica hace que sea sencillo experimentar un fallo de aserción en name.c. • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html http://www.securityfocus.com/bid/105055 http://www.securitytracker.com/id/1041436 https://access.redhat.com/errata/RHSA-2018:2570 https://access.redhat.com/errata/RHSA-2018:2571 https://kb.isc.org/docs/aa-01639 https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html https://lists.debian.org/debian-lts-announce/2021/11&#x • CWE-617: Reachable Assertion •