CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 1CVE-2017-3141 – Windows service and uninstall paths are not quoted when BIND is installed
https://notcve.org/view.php?id=CVE-2017-3141
The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2->9.2.9, 9.3.2-P1->9.3.6, 9.4.0->9.8.8, 9.9.0->9.9.10, 9.10.0->9.10.5, 9.11.0->9.11.1, 9.9.3-S1->9.9.10-S1, 9.10.5-S1. El instalador de BIND en Windows emplea una ruta de servicio sin entrecomillar que puede permitir que un usuario local logre escalar privilegios si los permisos del sistema host de archivos lo permiten. Afecta a BIND desde la versión 9.2.6-P2 hasta la 9.2.9, desde la 9.3.2-P1 hasta la 9.3.6, desde la 9.4.0 hasta la 9.8.8, desde la 9.9.0 hasta la 9.9.10, desde la 9.10.0 hasta la 9.10.5, desde la 9.11.0 hasta la 9.11.1, desde la 9.9.3-S1 hasta la 9.9.10-S1 y en la versión 9.10.5-S1. BIND version 9.10.5 for x86 and x64 on Windows suffers from an unquoted service path vulnerability that can allow for privilege escalation. • https://www.exploit-db.com/exploits/42121 http://www.securityfocus.com/bid/99089 http://www.securitytracker.com/id/1038693 https://kb.isc.org/docs/aa-01496 https://security.gentoo.org/glsa/201708-01 https://security.netapp.com/advisory/ntap-20180926-0001 • CWE-428: Unquoted Search Path or Element •
CVSS: 7.5EPSS: 87%CPEs: 45EXPL: 0CVE-2016-9131 – bind: assertion failure while processing response to an ANY query
https://notcve.org/view.php?id=CVE-2016-9131
named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed response to an RTYPE ANY query. named en ISC BIND 9.x en versiones anteriores a 9.9.9-P5, 9.10.x en versiones anteriores a 9.10.4-P5 y 9.11.x en versiones anteriores a 9.11.0-P2 permite a atacantes remotos provocar una denegación de servicio (fallo de aserción y salida de demonio) a través de una respuesta mal formada a una query RTYPE ANY. A denial of service flaw was found in the way BIND processed a response to an ANY query. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. • http://rhn.redhat.com/errata/RHSA-2017-0062.html http://www.debian.org/security/2017/dsa-3758 http://www.securityfocus.com/bid/95386 http://www.securitytracker.com/id/1037582 https://access.redhat.com/errata/RHSA-2017:1583 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687 https://kb.isc.org/article/AA-01439/74/CVE-2016-9131 https://security.gentoo.org/glsa/201708-01 https://security.netapp.com/advisory/ntap-20180926-0005 https: • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 75%CPEs: 318EXPL: 0CVE-2016-9444 – bind: assertion failure while handling an unusually-formed DS record response
https://notcve.org/view.php?id=CVE-2016-9444
named in ISC BIND 9.x before 9.9.9-P5, 9.10.x before 9.10.4-P5, and 9.11.x before 9.11.0-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DS resource record in an answer. named en ISC BIND 9.x en versiones anteriores a 9.9.9-P5, 9.10.x en versiones anteriores a 9.10.4-P5 y 9.11.x en versiones anteriores a 9.11.0-P2 permite a atacantes remotos provocar una denegación de servicio (fallo de aserción y salida de demonio) a través de un registro de recursos DS manipulado en una respuesta. A denial of service flaw was found in the way BIND handled an unusually-formed DS record response. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. • http://rhn.redhat.com/errata/RHSA-2017-0062.html http://www.debian.org/security/2017/dsa-3758 http://www.securityfocus.com/bid/95393 http://www.securitytracker.com/id/1037582 https://access.redhat.com/errata/RHSA-2017:1583 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687 https://kb.isc.org/article/AA-01441/74/CVE-2016-9444 https://security.gentoo.org/glsa/201708-01 https://security.netapp.com/advisory/ntap-20180926-0005 https: • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 95%CPEs: 57EXPL: 0CVE-2016-8864 – bind: assertion failure while handling responses containing a DNAME answer
https://notcve.org/view.php?id=CVE-2016-8864
named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record in the answer section of a response to a recursive query, related to db.c and resolver.c. named en ISC BIND 9.x en versiones anteriores a 9.9.9-P4, 9.10.x en versiones anteriores a 9.10.4-P4 y 9.11.x en versiones anteriores a 9.11.0-P1 permite a atacantes remotos provocar una denegación de servicio (fallo de aserción y salida de demonio) a través de un registro DNAME en la sección de respuesta de una respuesta a una petición recursiva, relacionado con db.c y resolver.c. A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. • http://rhn.redhat.com/errata/RHSA-2016-2141.html http://rhn.redhat.com/errata/RHSA-2016-2142.html http://rhn.redhat.com/errata/RHSA-2016-2615.html http://rhn.redhat.com/errata/RHSA-2016-2871.html http://www.debian.org/security/2016/dsa-3703 http://www.securityfocus.com/bid/94067 http://www.securitytracker.com/id/1037156 https://access.redhat.com/errata/RHSA-2017:1583 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05381687 https:&# • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 24%CPEs: 264EXPL: 0CVE-2016-2848 – bind: assertion failure triggered by a packet with malformed options
https://notcve.org/view.php?id=CVE-2016-2848
ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via malformed options data in an OPT resource record. ISC BIND 9.1.0 hasta la versión 9.8.4-P2 y 9.9.0 hasta la versión 9.9.2-P2 permite a atacantes remotos provocar una denegación de servicio (error de aserción y salida del demonio) a través de datos de opciones mal formadas en un registro de recursos OPT. A denial of service flaw was found in the way BIND handled packets with malformed options. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS packet. • http://rhn.redhat.com/errata/RHSA-2016-2093.html http://rhn.redhat.com/errata/RHSA-2016-2094.html http://rhn.redhat.com/errata/RHSA-2016-2099.html http://www.securityfocus.com/bid/93809 http://www.securityfocus.com/bid/93814 http://www.securitytracker.com/id/1037073 https://bugzilla.redhat.com/show_bug.cgi?id=1385450 https://kb.isc.org/article/AA-01433/74/CVE-2016-2848 https://security.netapp.com/advisory/ntap-20180926-0002 https://security.netapp.com/advisory/nt • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •