CVE-2019-6477 – TCP-pipelined queries can bypass tcp-clients limit
https://notcve.org/view.php?id=CVE-2019-6477
With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to handle. When a TCP connection with a large number of pipelined queries is closed, the load on the server releasing these multiple resources can cause it to become unresponsive, even for queries that can be answered authoritatively or from cache. (This is most likely to be perceived as an intermittent server problem). Con pipelining habilitada, cada consulta entrante en una conexión TCP requiere una asignación de recursos similar a una consulta recibida por medio de UDP o TCP sin pipelining habilitada. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html https://kb.isc.org/docs/cve-2019-6477 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3DEMNZMKR57VQJCG5ZN55ZGTQRL2TFQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGURMGQHX45KR4QDRCSUQHODUFOGNGAN https://support.f5.com/csp/article/K15840535?utm_source=f5support&%3Butm_medium=RSS http • CWE-400: Uncontrolled Resource Consumption •
CVE-2019-6467 – An error in the nxdomain redirect feature can cause BIND to exit with an INSIST assertion failure in query.c
https://notcve.org/view.php?id=CVE-2019-6467
A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAIN redirection for recursive clients, is also serving a local copy of the root zone or using mirroring to provide the root zone, although other configurations are also possible. Versions affected: BIND 9.12.0-> 9.12.4, 9.14.0. Also affects all releases in the 9.13 development branch. Un error de programación en la funcionalidad nxdomain-redirect puede causar un error de aserción en el archivo query.c, si el espacio de nombres alternativo utilizado por nxdomain-redirect es un descendiente de una zona que es servida localmente. • https://github.com/knqyf263/CVE-2019-6467 https://kb.isc.org/docs/cve-2019-6467 https://www.synology.com/security/advisory/Synology_SA_19_20 • CWE-617: Reachable Assertion •
CVE-2019-6471 – A race condition when discarding malformed packets can cause BIND to exit with an assertion failure
https://notcve.org/view.php?id=CVE-2019-6471
A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1. Una condición de carrera que puede presentarse al descartar paquetes malformados puede provocar la salida de BIND debido a un fallo de aserción de REQUIRE en el archivo dispatch.c. Versiones afectadas: BIND 9.11.0 hasta 9.11.7, 9.12.0 hasta 9.12.4-P1, 9.14.0 hasta 9.14.2. • https://kb.isc.org/docs/cve-2019-6471 https://support.f5.com/csp/article/K10092301?utm_source=f5support&%3Butm_medium=RSS https://access.redhat.com/security/cve/CVE-2019-6471 https://bugzilla.redhat.com/show_bug.cgi?id=1721780 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-617: Reachable Assertion •
CVE-2018-5743 – Limiting simultaneous TCP clients was ineffective
https://notcve.org/view.php?id=CVE-2018-5743
By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -> 9.11.5-S3, and 9.11.5-S5. • https://kb.isc.org/docs/cve-2018-5743 https://support.f5.com/csp/article/K74009656?utm_source=f5support&%3Butm_medium=RSS https://www.synology.com/security/advisory/Synology_SA_19_20 https://access.redhat.com/security/cve/CVE-2018-5743 https://bugzilla.redhat.com/show_bug.cgi?id=1702541 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2019-6465 – Zone transfer controls for writable DLZ zones were not effective
https://notcve.org/view.php?id=CVE-2019-6465
Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465. Los controles para las transferencias de zona pueden no ser aplicados correctamente en Dynamically Loadable Zones (DLZs) si las zonas son grabables. Versiones afectadas: BIND 9.9.0 hasta 9.10.8-P1, 9.11.0 hasta 9.11.5-P2, 9.12.0 hasta 9.12.3-P2, y versiones 9.9.3-S1 hasta 9.11.5-S3 de BIND 9 Supported Preview Edition. • https://access.redhat.com/errata/RHSA-2019:3552 https://kb.isc.org/docs/cve-2019-6465 https://access.redhat.com/security/cve/CVE-2019-6465 https://bugzilla.redhat.com/show_bug.cgi?id=1679304 • CWE-284: Improper Access Control CWE-732: Incorrect Permission Assignment for Critical Resource •