Page 15 of 177 results (0.037 seconds)

CVSS: 7.5EPSS: 25%CPEs: 39EXPL: 0

CVE-2017-3137 – A response packet can cause a resolver to terminate when processing an answer containing a CNAME or DNAME

https://notcve.org/view.php?id=CVE-2017-3137

Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0-P3, 9.11.1b1->9.11.1rc1, and 9.9.9-S8. Las asunciones equivocadas sobre el orden de los registros en la sección de respuesta de una respuesta que contiene registros de recursos CNAME o DNAME podría conducir a una situación en la que named se cerraría con un fallo de aserción al procesar una respuesta en la que los registros ocurrieron en un orden inusual. Afecta a BIND en versiones 9.9.9-P6, desde la versión 9.9.10b1 hasta la 9.9.10rc1, la versión 9.10.4-P6, desde la versión 9.10.5b1 hasta la 9.10.5rc1, la versión 9.11.0-P3, desde la versión 9.11.1b1 hasta la 9.11.1rc1 y en la versión 9.9.9-S8. A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records in an unusual order. • http://www.securityfocus.com/bid/97651 http://www.securitytracker.com/id/1038258 http://www.securitytracker.com/id/1040195 https://access.redhat.com/errata/RHSA-2017:1095 https://access.redhat.com/errata/RHSA-2017:1105 https://access.redhat.com/errata/RHSA-2017:1582 https://access.redhat.com/errata/RHSA-2017:1583 https://kb.isc.org/docs/aa-01466 https://security.gentoo.org/glsa/201708-01 https://security.netapp.com/advisory/ntap-20180802-0002 https://www.debian.org& • CWE-617: Reachable Assertion •

CVSS: 6.5EPSS: 5%CPEs: 36EXPL: 0

CVE-2017-3138 – named exits with a REQUIRE assertion failure if it receives a null command string on its control channel

https://notcve.org/view.php?id=CVE-2017-3138

named contains a feature which allows operators to issue commands to a running server by communicating with the server process over a control channel, using a utility program such as rndc. A regression introduced in a recent feature change has created a situation under which some versions of named can be caused to exit with a REQUIRE assertion failure if they are sent a null command string. Affects BIND 9.9.9->9.9.9-P7, 9.9.10b1->9.9.10rc2, 9.10.4->9.10.4-P7, 9.10.5b1->9.10.5rc2, 9.11.0->9.11.0-P4, 9.11.1b1->9.11.1rc2, 9.9.9-S1->9.9.9-S9. named contiene una característica que permite que los operadores envíe comandos a un servidor en ejecución comunicándose con el proceso del servidor mediante un canal de control utilizando un programa como rndc. Una regresión empleada en un cambio de características reciente ha creado una situación en la cual algunas versiones de named pueden cerrarse con un error de aserción de REQUIRE si se le envía una cadena de comandos null. Afecta a BIND desde la versión 9.9.9 hasta la 9.9.9-P7, desde la versión 9.9.10b1 hasta la 9.9.10rc2, desde la versión 9.10.4 hasta la 9.10.4-P7, desde la versión 9.10.5b1 hasta la 9.10.5rc2, desde la versión 9.10.5b1 hasta la 9.10.5rc2, desde la versión 9.11.0 hasta la 9.11.0-P4, desde la versión 9.11.1b1 hasta la 9.11.1rc2 y desde la versión 9.9.9-S1 hasta 9.9.9-S9. • http://www.securityfocus.com/bid/97657 http://www.securitytracker.com/id/1038260 https://kb.isc.org/docs/aa-01471 https://security.gentoo.org/glsa/201708-01 https://security.netapp.com/advisory/ntap-20180802-0002 https://www.debian.org/security/2017/dsa-3854 • CWE-617: Reachable Assertion •

CVSS: 7.5EPSS: 20%CPEs: 33EXPL: 0

CVE-2017-3135 – Combination of DNS64 and RPZ Can Lead to Crash

https://notcve.org/view.php?id=CVE-2017-3135

Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1. En ciertas condiciones, al emplear DNS64 y RPZ para rescribir respuestas a consultas, el procesamiento de consultas puede continuar de forma inconsistente, lo que puede conducir a un fallo de aserción de INSIST o a un intento para leer a través de un puntero NULL. Afecta a BIND en su versión 9.8.8, desde la versión 9.9.3-S1 hasta la 9.9.9-S7, desde la versión 9.9.3 hasta la 9.9.9-P5, la versión 9.9.10b1, desde la versión 9.10.0 hasta la 9.10.4-P5, la versión 9.10.5b1, desde la versión 9.11.0 hasta la 9.11.0-P2 y a la versión 9.11.1b1. A denial of service flaw was found in the way BIND handled query responses when both DNS64 and RPZ were used. • http://rhn.redhat.com/errata/RHSA-2017-0276.html http://www.securityfocus.com/bid/96150 http://www.securitytracker.com/id/1037801 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03747en_us https://kb.isc.org/docs/aa-01453 https://security.gentoo.org/glsa/201708-01 https://security.netapp.com/advisory/ntap-20180926-0005 https://www.debian.org/security/2017/dsa-3795 https://access.redhat.com/security/cve/CVE-2017-3135 https:/ • CWE-476: NULL Pointer Dereference •

CVSS: 7.5EPSS: 2%CPEs: 9EXPL: 0

CVE-2016-9778 – An error handling certain queries using the nxdomain-redirect feature could cause a REQUIRE assertion failure in db.c

https://notcve.org/view.php?id=CVE-2016-9778

An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met the criteria for the vulnerability and if the attacker could cause it to accept a query that possessed the required attributes. Please note: This vulnerability affects the "nxdomain-redirect" feature, which is one of two methods of handling NXDOMAIN redirection, and is only available in certain versions of BIND. Redirection using zones of type "redirect" is not affected by this vulnerability. Affects BIND 9.9.8-S1 -> 9.9.8-S3, 9.9.9-S1 -> 9.9.9-S6, 9.11.0-9.11.0-P1. • http://www.securityfocus.com/bid/95388 http://www.securitytracker.com/id/1037582 https://kb.isc.org/article/AA-01442 https://security.gentoo.org/glsa/201708-01 https://security.netapp.com/advisory/ntap-20180926-0005 • CWE-388: 7PK - Errors •

CVSS: 7.5EPSS: 87%CPEs: 45EXPL: 0

CVE-2016-9131 – bind: assertion failure while processing response to an ANY query

https://notcve.org/view.php?id=CVE-2016-9131

named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query. named en ISC BIND 9.x en versiones anteriores a 9.9.9-P5, 9.10.x en versiones anteriores a 9.10.4-P5 y 9.11.x en versiones anteriores a 9.11.0-P2 permite a atacantes remotos provocar una denegación de servicio (fallo de aserción y salida de demonio) a través de una respuesta mal formada a una query RTYPE ANY. A denial of service flaw was found in the way BIND processed a response to an ANY query. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. • http://rhn.redhat.com/errata/RHSA-2017-0062.html http://www.debian.org/security/2017/dsa-3758 http://www.securityfocus.com/bid/95386 http://www.securitytracker.com/id/1037582 https://access.redhat.com/errata/RHSA-2017:1583 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687 https://kb.isc.org/article/AA-01439/74/CVE-2016-9131 https://security.gentoo.org/glsa/201708-01 https://security.netapp.com/advisory/ntap-20180926-0005 https: • CWE-20: Improper Input Validation •