ID CVE-2017-3135
Summary Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1.
References
Vulnerable Configurations
  • ISC BIND 9.9.3
    cpe:2.3:a:isc:bind:9.9.3
  • cpe:2.3:a:isc:bind:9.9.3:s1
    cpe:2.3:a:isc:bind:9.9.3:s1
  • ISC BIND 9.9.8
    cpe:2.3:a:isc:bind:9.9.8
  • cpe:2.3:a:isc:bind:9.9.9:p5
    cpe:2.3:a:isc:bind:9.9.9:p5
  • ISC BIND 9.9.9 S7
    cpe:2.3:a:isc:bind:9.9.9:s7
  • cpe:2.3:a:isc:bind:9.9.10:beta1
    cpe:2.3:a:isc:bind:9.9.10:beta1
  • ISC BIND 9.10.0
    cpe:2.3:a:isc:bind:9.10.0
  • ISC BIND 9.10.4 Patch 1
    cpe:2.3:a:isc:bind:9.10.4:p1
  • ISC BIND 9.10.4 Patch 2
    cpe:2.3:a:isc:bind:9.10.4:p2
  • ISC BIND 9.10.4 Patch 3
    cpe:2.3:a:isc:bind:9.10.4:p3
  • ISC BIND 9.10.4 Patch 4
    cpe:2.3:a:isc:bind:9.10.4:p4
  • ISC BIND 9.10.4 Patch 5
    cpe:2.3:a:isc:bind:9.10.4:p5
  • cpe:2.3:a:isc:bind:9.10.5:beta1
    cpe:2.3:a:isc:bind:9.10.5:beta1
  • ISC BIND 9.11.0
    cpe:2.3:a:isc:bind:9.11.0
  • ISC BIND 9.11.0 Patch 1
    cpe:2.3:a:isc:bind:9.11.0:p1
  • ISC BIND 9.11.0 Patch 2
    cpe:2.3:a:isc:bind:9.11.0:p2
  • cpe:2.3:a:isc:bind:9.11.1:beta1
    cpe:2.3:a:isc:bind:9.11.1:beta1
  • RedHat Enterprise Linux Desktop 7.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
  • RedHat Enterprise Linux Server 7.0
    cpe:2.3:o:redhat:enterprise_linux_server:7.0
  • Red Hat Enterprise Linux Advanced mission critical Update Support (AUS) 7.3
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3
  • Red Hat Enterprise Linux Server Advanced mission critical Update Support (AUS) 7.4
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4
  • Red Hat Enterprise Linux Server Advanced mission critical Update Support (AUS) 7.6
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6
  • Red Hat Enterprise Linux Server Extended Update Support (EUS) 7.3
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3
  • Red Hat Enterprise Linux Server Extended Update Support (EUS) 7.4
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4
  • Red Hat Enterprise Linux Server Extended Update Support (EUS) 7.5
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5
  • Red Hat Enterprise Linux Server Extended Update Support (EUS) 7.6
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3
  • Red Hat Enterprise Linux Server Telecommunications Update Service (TUS) 7.6
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6
  • RedHat Enterprise Linux Workstation 7.0
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0
  • cpe:2.3:a:netapp:data_ontap_edge
    cpe:2.3:a:netapp:data_ontap_edge
  • cpe:2.3:a:netapp:element_software_management_node
    cpe:2.3:a:netapp:element_software_management_node
  • Debian Linux 8.0 (Jessie)
    cpe:2.3:o:debian:debian_linux:8.0
  • Debian Linux 9.0
    cpe:2.3:o:debian:debian_linux:9.0
CVSS
Base: 4.3
Impact:
Exploitability:
CWE CWE-476
CAPEC
nessus via4
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1026.NASL
    description According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A denial of service flaw was found in the way BIND handled query responses when both DNS64 and RPZ were used. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure or a null pointer dereference via a specially crafted DNS response. (CVE-2017-3135) - A denial of service flaw was found in the way BIND processed a response to an ANY query. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-9131) - A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-9147) - A denial of service flaw was found in the way BIND handled an unusually-formed DS record response. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-9444) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-14
    plugin id 99871
    published 2017-05-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99871
    title EulerOS 2.0 SP2 : bind (EulerOS-SA-2017-1026)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1025.NASL
    description According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A denial of service flaw was found in the way BIND handled query responses when both DNS64 and RPZ were used. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure or a null pointer dereference via a specially crafted DNS response. (CVE-2017-3135) - A denial of service flaw was found in the way BIND processed a response to an ANY query. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-9131) - A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-9147) - A denial of service flaw was found in the way BIND handled an unusually-formed DS record response. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-9444) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-14
    plugin id 99870
    published 2017-05-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99870
    title EulerOS 2.0 SP1 : bind (EulerOS-SA-2017-1025)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-D0C9BF9508.NASL
    description Security fix for CVE-2017-3135 (unaffected), fixes regression made by CVE-2016-8864 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2017-04-21
    plugin id 97541
    published 2017-03-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97541
    title Fedora 24 : bind99 (2017-d0c9bf9508)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-96B7F4F53E.NASL
    description Security fix for CVE-2017-3135 (unaffected), fixes regression made by CVE-2016-8864 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2017-04-21
    plugin id 97536
    published 2017-03-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97536
    title Fedora 25 : bind99 (2017-96b7f4f53e)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL80533167.NASL
    description Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1. (CVE-2015-3135) BIG-IP configurations using DNS64 (the DNS IPv6 to IPv4 option configured in the DNS profile) and Response Policy Zone (RPZ) rewriting (in the BIND configuration) together are affected by this CVE. Note : The DNS IPv6 to IPv4 option is disabled, by default, in the DNS profile. Note : RPZ Rewriting is an optional BIND 9.x configuration that allows administrators to create DNS blacklists. Impact Remote attackers may be able to cause a BIND denial-of-service (DoS) attack by making a query for an AAAA record.
    last seen 2019-02-21
    modified 2019-02-11
    plugin id 97333
    published 2017-02-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97333
    title F5 Networks BIG-IP : BIND vulnerability (K80533167)
  • NASL family Virtuozzo Local Security Checks
    NASL id VIRTUOZZO_VZLSA-2017-0276.NASL
    description An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A denial of service flaw was found in the way BIND handled query responses when both DNS64 and RPZ were used. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure or a NULL pointer dereference via a specially crafted DNS response. (CVE-2017-3135) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Ramesh Damodaran (Infoblox) and Aliaksandr Shubnik (Infoblox) as the original reporter. Note that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 101423
    published 2017-07-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101423
    title Virtuozzo 7 : bind / bind-chroot / bind-devel / bind-libs / etc (VZLSA-2017-0276)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-0276.NASL
    description An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A denial of service flaw was found in the way BIND handled query responses when both DNS64 and RPZ were used. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure or a NULL pointer dereference via a specially crafted DNS response. (CVE-2017-3135) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Ramesh Damodaran (Infoblox) and Aliaksandr Shubnik (Infoblox) as the original reporter.
    last seen 2019-02-21
    modified 2019-02-11
    plugin id 97200
    published 2017-02-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97200
    title RHEL 7 : bind (RHSA-2017:0276)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-27099C270A.NASL
    description Security fix for CVE-2017-3135 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-11
    plugin id 97242
    published 2017-02-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97242
    title Fedora 24 : 32:bind (2017-27099c270a)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3795.NASL
    description It was discovered that a maliciously crafted query can cause ISC's BIND DNS server (named) to crash if both Response Policy Zones (RPZ) and DNS64 (a bridge between IPv4 and IPv6 networks) are enabled. It is uncommon for both of these options to be used in combination, so very few systems will be affected by this problem in practice. This update also corrects an additional regression caused by the fix for CVE-2016-8864, which was applied in a previous security update.
    last seen 2019-02-21
    modified 2019-02-11
    plugin id 97399
    published 2017-02-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97399
    title Debian DSA-3795-1 : bind9 - security update
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2017-2B46C8B6C2.NASL
    description Security fix for CVE-2017-3135 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-11
    plugin id 97162
    published 2017-02-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97162
    title Fedora 25 : 32:bind (2017-2b46c8b6c2)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2017-0276.NASL
    description An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A denial of service flaw was found in the way BIND handled query responses when both DNS64 and RPZ were used. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure or a NULL pointer dereference via a specially crafted DNS response. (CVE-2017-3135) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Ramesh Damodaran (Infoblox) and Aliaksandr Shubnik (Infoblox) as the original reporter.
    last seen 2019-02-21
    modified 2019-02-11
    plugin id 97194
    published 2017-02-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97194
    title CentOS 7 : bind (CESA-2017:0276)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201708-01.NASL
    description The remote host is affected by the vulnerability described in GLSA-201708-01 (BIND: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in BIND. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could send a specially crafted DNS request to the BIND resolver resulting in a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 102531
    published 2017-08-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102531
    title GLSA-201708-01 : BIND: Multiple vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-314.NASL
    description This update for bind fixes the following issues : - Fixed a possible denial of service vulnerability (affected only configurations using both DNS64 and RPZ, CVE-2017-3135, bsc#1024130) This update was imported from the SUSE:SLE-12-SP1:Update update project.
    last seen 2019-02-21
    modified 2019-02-11
    plugin id 97568
    published 2017-03-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97568
    title openSUSE Security Update : bind (openSUSE-2017-314)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2017-041-01.NASL
    description New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.
    last seen 2019-02-21
    modified 2019-02-11
    plugin id 97101
    published 2017-02-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97101
    title Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : bind (SSA:2017-041-01)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20170215_BIND_ON_SL7_X.NASL
    description Security Fix(es) : - A denial of service flaw was found in the way BIND handled query responses when both DNS64 and RPZ were used. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure or a NULL pointer dereference via a specially crafted DNS response. (CVE-2017-3135)
    last seen 2019-02-21
    modified 2019-02-11
    plugin id 97201
    published 2017-02-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97201
    title Scientific Linux Security Update : bind on SL7.x x86_64
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-0594-1.NASL
    description This update for bind fixes the following issues : - Fixed a possible denial of service vulnerability (affected only configurations using both DNS64 and RPZ, CVE-2017-3135, bsc#1024130) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-11
    plugin id 97518
    published 2017-03-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97518
    title SUSE SLES12 Security Update : bind (SUSE-SU-2017:0594-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-843.NASL
    description CVE-2017-3135 Assertion failure when using DNS64 and RPZ can lead to crash. For Debian 7 'Wheezy', these problems have been fixed in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u15. We recommend that you upgrade your bind9 packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-11
    plugin id 97440
    published 2017-03-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97440
    title Debian DLA-843-1 : bind9 security update
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-0595-1.NASL
    description This update for bind fixes the following issues : - Fixed a possible denial of service vulnerability (affected only configurations using both DNS64 and RPZ, CVE-2017-3135, bsc#1024130) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-11
    plugin id 97519
    published 2017-03-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97519
    title SUSE SLES11 Security Update : bind (SUSE-SU-2017:0595-1)
  • NASL family DNS
    NASL id BIND9_CVE-2017-3135.NASL
    description According to its self-reported version number, the instance of ISC BIND 9 running on the remote name server is 9.8.8 or 9.9.x prior to 9.9.9-P6 or 9.9.9-S8, 9.10.x prior to 9.10.4-P6, or 9.11.x prior to 9.11.0-P3. It is, therefore, affected by a denial of service vulnerability in the query_find() function in query.c that is triggered when using DNS64 and RPZ simultaneously for rewriting query responses. An unauthenticated, remote attacker can exploit this to cause an INSIST assertion failure or a NULL pointer read, resulting in a termination of the service. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 97227
    published 2017-02-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97227
    title ISC BIND 9 < 9.9.9-P6 / 9.9.9-S8 / 9.10.4-P6 / 9.11.0-P3 DNS64 and RPZ DoS
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2017-0276.NASL
    description From Red Hat Security Advisory 2017:0276 : An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A denial of service flaw was found in the way BIND handled query responses when both DNS64 and RPZ were used. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure or a NULL pointer dereference via a specially crafted DNS response. (CVE-2017-3135) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Ramesh Damodaran (Infoblox) and Aliaksandr Shubnik (Infoblox) as the original reporter.
    last seen 2019-02-21
    modified 2019-02-11
    plugin id 97198
    published 2017-02-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97198
    title Oracle Linux 7 : bind (ELSA-2017-0276)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3201-1.NASL
    description It was discovered that Bind incorrectly handled rewriting certain query responses when using both DNS64 and RPZ. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-11
    plugin id 97223
    published 2017-02-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97223
    title Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : bind9 vulnerabilities (USN-3201-1)
  • NASL family Junos Local Security Checks
    NASL id JUNIPER_JSA10799.NASL
    description According to its self-reported version and model number, the remote Juniper Junos device is affected by a denial of service vulnerability in ISC BIND, specifically in the query_find() function within file bin/named/query.c, when simultaneously using DNS64 and RPZ for query responses. An unauthenticated, remote attacker can exploit this to cause an INSIST assertion failure or a NULL pointer read, resulting in termination of the service.
    last seen 2019-02-21
    modified 2018-07-13
    plugin id 102074
    published 2017-07-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=102074
    title Juniper Junos SRX, vSRX, and J-Series ISC BIND DoS (JSA10799)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-0596-1.NASL
    description This update for bind fixes the following issues : - Fixed a possible denial of service vulnerability (affected only configurations using both DNS64 and RPZ, CVE-2017-3135, bsc#1024130) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-11
    plugin id 97520
    published 2017-03-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97520
    title SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2017:0596-1)
redhat via4
advisories
bugzilla
id 1420193
title CVE-2017-3135 bind: Assertion failure when using DNS64 and RPZ Can Lead to Crash
oval
AND
  • OR
    • comment Red Hat Enterprise Linux 7 Client is installed
      oval oval:com.redhat.rhsa:tst:20140675001
    • comment Red Hat Enterprise Linux 7 Server is installed
      oval oval:com.redhat.rhsa:tst:20140675002
    • comment Red Hat Enterprise Linux 7 Workstation is installed
      oval oval:com.redhat.rhsa:tst:20140675003
    • comment Red Hat Enterprise Linux 7 ComputeNode is installed
      oval oval:com.redhat.rhsa:tst:20140675004
  • OR
    • AND
      • comment bind is earlier than 32:9.9.4-38.el7_3.2
        oval oval:com.redhat.rhsa:tst:20170276009
      • comment bind is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100975006
    • AND
      • comment bind-chroot is earlier than 32:9.9.4-38.el7_3.2
        oval oval:com.redhat.rhsa:tst:20170276013
      • comment bind-chroot is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100975012
    • AND
      • comment bind-devel is earlier than 32:9.9.4-38.el7_3.2
        oval oval:com.redhat.rhsa:tst:20170276025
      • comment bind-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100975010
    • AND
      • comment bind-libs is earlier than 32:9.9.4-38.el7_3.2
        oval oval:com.redhat.rhsa:tst:20170276015
      • comment bind-libs is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100975016
    • AND
      • comment bind-libs-lite is earlier than 32:9.9.4-38.el7_3.2
        oval oval:com.redhat.rhsa:tst:20170276007
      • comment bind-libs-lite is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141984041
    • AND
      • comment bind-license is earlier than 32:9.9.4-38.el7_3.2
        oval oval:com.redhat.rhsa:tst:20170276031
      • comment bind-license is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141984029
    • AND
      • comment bind-lite-devel is earlier than 32:9.9.4-38.el7_3.2
        oval oval:com.redhat.rhsa:tst:20170276029
      • comment bind-lite-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141984039
    • AND
      • comment bind-pkcs11 is earlier than 32:9.9.4-38.el7_3.2
        oval oval:com.redhat.rhsa:tst:20170276021
      • comment bind-pkcs11 is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20152655032
    • AND
      • comment bind-pkcs11-devel is earlier than 32:9.9.4-38.el7_3.2
        oval oval:com.redhat.rhsa:tst:20170276005
      • comment bind-pkcs11-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20152655028
    • AND
      • comment bind-pkcs11-libs is earlier than 32:9.9.4-38.el7_3.2
        oval oval:com.redhat.rhsa:tst:20170276019
      • comment bind-pkcs11-libs is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20152655030
    • AND
      • comment bind-pkcs11-utils is earlier than 32:9.9.4-38.el7_3.2
        oval oval:com.redhat.rhsa:tst:20170276011
      • comment bind-pkcs11-utils is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20152655023
    • AND
      • comment bind-sdb is earlier than 32:9.9.4-38.el7_3.2
        oval oval:com.redhat.rhsa:tst:20170276017
      • comment bind-sdb is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100975014
    • AND
      • comment bind-sdb-chroot is earlier than 32:9.9.4-38.el7_3.2
        oval oval:com.redhat.rhsa:tst:20170276023
      • comment bind-sdb-chroot is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20141984035
    • AND
      • comment bind-utils is earlier than 32:9.9.4-38.el7_3.2
        oval oval:com.redhat.rhsa:tst:20170276027
      • comment bind-utils is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20100975008
rhsa
id RHSA-2017:0276
released 2017-02-15
severity Moderate
title RHSA-2017:0276: bind security update (Moderate)
rpms
  • bind-32:9.9.4-38.el7_3.2
  • bind-chroot-32:9.9.4-38.el7_3.2
  • bind-devel-32:9.9.4-38.el7_3.2
  • bind-libs-32:9.9.4-38.el7_3.2
  • bind-libs-lite-32:9.9.4-38.el7_3.2
  • bind-license-32:9.9.4-38.el7_3.2
  • bind-lite-devel-32:9.9.4-38.el7_3.2
  • bind-pkcs11-32:9.9.4-38.el7_3.2
  • bind-pkcs11-devel-32:9.9.4-38.el7_3.2
  • bind-pkcs11-libs-32:9.9.4-38.el7_3.2
  • bind-pkcs11-utils-32:9.9.4-38.el7_3.2
  • bind-sdb-32:9.9.4-38.el7_3.2
  • bind-sdb-chroot-32:9.9.4-38.el7_3.2
  • bind-utils-32:9.9.4-38.el7_3.2
refmap via4
bid 96150
confirm
debian DSA-3795
gentoo GLSA-201708-01
sectrack 1037801
Last major update 16-01-2019 - 15:29
Published 16-01-2019 - 15:29
Last modified 08-02-2019 - 14:48
Back to Top