CVE-2018-5734
7.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ISC | BIND 9 | 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2 | affected |
Weaknesses
- Servers running the affected versions (9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, and 9.10.6-S2) are vulnerable if they allow recursion, unless the SERVFAIL cache is disabled for the receiving view.
Workarounds
Disabling the SERVFAIL cache with 'servfail-ttl 0;' will prevent taking the code path that leads to the assertion failure.
ADP Enrichment
CVE Program Container
Additional References
- https://kb.isc.org/docs/aa-01562
- https://security.netapp.com/advisory/ntap-20180926-0005/
- http://www.securityfocus.com/bid/103189
- http://www.securitytracker.com/id/1040438
References
- https://kb.isc.org/docs/aa-01562
- https://security.netapp.com/advisory/ntap-20180926-0005/
- http://www.securityfocus.com/bid/103189
- http://www.securitytracker.com/id/1040438
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.