ID CVE-2017-3145
Summary BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1.
References
Vulnerable Configurations
  • ISC BIND 9.4.0
    cpe:2.3:a:isc:bind:9.4.0
  • ISC BIND 9.4.0 Alpha 1
    cpe:2.3:a:isc:bind:9.4.0:a1
  • ISC BIND 9.4.0 Alpha 2
    cpe:2.3:a:isc:bind:9.4.0:a2
  • ISC BIND 9.4.0 Alpha 3
    cpe:2.3:a:isc:bind:9.4.0:a3
  • ISC BIND 9.4.0 Alpha 4
    cpe:2.3:a:isc:bind:9.4.0:a4
  • ISC BIND 9.4.0 Alpha 5
    cpe:2.3:a:isc:bind:9.4.0:a5
  • ISC BIND 9.4.0 Alpha 6
    cpe:2.3:a:isc:bind:9.4.0:a6
  • ISC BIND 9.4.0 Beta 1
    cpe:2.3:a:isc:bind:9.4.0:b1
  • ISC BIND 9.4.0 Beta 2
    cpe:2.3:a:isc:bind:9.4.0:b2
  • ISC BIND 9.4.0 Beta 3
    cpe:2.3:a:isc:bind:9.4.0:b3
  • ISC BIND 9.4.0 Beta 4
    cpe:2.3:a:isc:bind:9.4.0:b4
  • ISC BIND 9.4.0rc1
    cpe:2.3:a:isc:bind:9.4.0:rc1
  • ISC BIND 9.4.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.4.0:rc2
  • ISC BIND 9.4.0a1
    cpe:2.3:a:isc:bind:9.4.0a1
  • ISC BIND 9.4.0a2
    cpe:2.3:a:isc:bind:9.4.0a2
  • ISC BIND 9.4.0a3
    cpe:2.3:a:isc:bind:9.4.0a3
  • ISC BIND 9.4.0a4
    cpe:2.3:a:isc:bind:9.4.0a4
  • ISC BIND 9.4.0a5
    cpe:2.3:a:isc:bind:9.4.0a5
  • ISC BIND 9.4.0a6
    cpe:2.3:a:isc:bind:9.4.0a6
  • ISC BIND 9.4.0b1
    cpe:2.3:a:isc:bind:9.4.0b1
  • ISC BIND 9.4.0b2
    cpe:2.3:a:isc:bind:9.4.0b2
  • ISC BIND 9.4.0b3
    cpe:2.3:a:isc:bind:9.4.0b3
  • ISC BIND 9.4.0b4
    cpe:2.3:a:isc:bind:9.4.0b4
  • ISC BIND 9.4.1
    cpe:2.3:a:isc:bind:9.4.1
  • ISC BIND 9.4.2
    cpe:2.3:a:isc:bind:9.4.2
  • ISC BIND 9.4.2 Patch 2 W1
    cpe:2.3:a:isc:bind:9.4.2:p2_w1
  • ISC BIND 9.4.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.4.2:rc1
  • ISC BIND 9.4.2 Release Candidate 2
    cpe:2.3:a:isc:bind:9.4.2:rc2
  • ISC BIND 9.4.3
    cpe:2.3:a:isc:bind:9.4.3
  • ISC BIND 9.4.3 Beta 1
    cpe:2.3:a:isc:bind:9.4.3:b1
  • ISC BIND 9.4.3 Beta 2
    cpe:2.3:a:isc:bind:9.4.3:b2
  • ISC BIND 9.4.3 Beta 3
    cpe:2.3:a:isc:bind:9.4.3:b3
  • ISC BIND 9.4.3 Patch 1
    cpe:2.3:a:isc:bind:9.4.3:p1
  • ISC BIND 9.4.3 Patch 2
    cpe:2.3:a:isc:bind:9.4.3:p2
  • ISC BIND 9.4.3 Patch 3
    cpe:2.3:a:isc:bind:9.4.3:p3
  • ISC BIND 9.4.3 Patch 4
    cpe:2.3:a:isc:bind:9.4.3:p4
  • ISC BIND 9.4.3 Patch 5
    cpe:2.3:a:isc:bind:9.4.3:p5
  • ISC BIND 9.4.3 rc1
    cpe:2.3:a:isc:bind:9.4.3:rc1
  • ISC BIND 9.4.3b1
    cpe:2.3:a:isc:bind:9.4.3b1
  • ISC BIND 9.4.3b2
    cpe:2.3:a:isc:bind:9.4.3b2
  • ISC BIND 9.4.3b3
    cpe:2.3:a:isc:bind:9.4.3b3
  • ISC BIND 9.5
    cpe:2.3:a:isc:bind:9.5
  • ISC BIND 9.5.0
    cpe:2.3:a:isc:bind:9.5.0
  • ISC BIND 9.5.0 Alpha 1
    cpe:2.3:a:isc:bind:9.5.0:a1
  • ISC BIND 9.5.0 Alpha 2
    cpe:2.3:a:isc:bind:9.5.0:a2
  • ISC BIND 9.5.0 Alpha 3
    cpe:2.3:a:isc:bind:9.5.0:a3
  • ISC BIND 9.5.0 Alpha 4
    cpe:2.3:a:isc:bind:9.5.0:a4
  • ISC BIND 9.5.0 Alpha 5
    cpe:2.3:a:isc:bind:9.5.0:a5
  • ISC BIND 9.5.0 Alpha 6
    cpe:2.3:a:isc:bind:9.5.0:a6
  • ISC BIND 9.5.0 Alpha 7
    cpe:2.3:a:isc:bind:9.5.0:a7
  • ISC BIND 9.5.0 Beta 1
    cpe:2.3:a:isc:bind:9.5.0:b1
  • ISC BIND 9.5.0 Beta 2
    cpe:2.3:a:isc:bind:9.5.0:b2
  • ISC BIND 9.5.0 Beta 3
    cpe:2.3:a:isc:bind:9.5.0:b3
  • ISC BIND 9.5.0 Patch 1
    cpe:2.3:a:isc:bind:9.5.0:p1
  • ISC BIND 9.5.0 Patch 2
    cpe:2.3:a:isc:bind:9.5.0:p2
  • ISC BIND 9.5.0 Patch 2 W1
    cpe:2.3:a:isc:bind:9.5.0:p2_w1
  • ISC BIND 9.5.0 Patch 2 W2
    cpe:2.3:a:isc:bind:9.5.0:p2_w2
  • ISC BIND 9.5.0 rc1
    cpe:2.3:a:isc:bind:9.5.0:rc1
  • ISC BIND 9.5.0-p1
    cpe:2.3:a:isc:bind:9.5.0-p1
  • ISC BIND 9.5.0-p2
    cpe:2.3:a:isc:bind:9.5.0-p2
  • ISC BIND 9.5.0-p2-w1
    cpe:2.3:a:isc:bind:9.5.0-p2-w1
  • ISC BIND 9.5.0-p2-w2
    cpe:2.3:a:isc:bind:9.5.0-p2-w2
  • ISC BIND 9.5.0a1
    cpe:2.3:a:isc:bind:9.5.0a1
  • ISC BIND 9.5.0a2
    cpe:2.3:a:isc:bind:9.5.0a2
  • ISC BIND 9.5.0a3
    cpe:2.3:a:isc:bind:9.5.0a3
  • ISC BIND 9.5.0a4
    cpe:2.3:a:isc:bind:9.5.0a4
  • ISC BIND 9.5.0a5
    cpe:2.3:a:isc:bind:9.5.0a5
  • ISC BIND 9.5.0a6
    cpe:2.3:a:isc:bind:9.5.0a6
  • ISC BIND 9.5.0a7
    cpe:2.3:a:isc:bind:9.5.0a7
  • ISC BIND 9.5.0b1
    cpe:2.3:a:isc:bind:9.5.0b1
  • ISC BIND 9.5.0b2
    cpe:2.3:a:isc:bind:9.5.0b2
  • ISC BIND 9.5.0b3
    cpe:2.3:a:isc:bind:9.5.0b3
  • ISC BIND 9.5.1
    cpe:2.3:a:isc:bind:9.5.1
  • ISC BIND 9.5.1 Beta 1
    cpe:2.3:a:isc:bind:9.5.1:b1
  • ISC BIND 9.5.1 Beta 2
    cpe:2.3:a:isc:bind:9.5.1:b2
  • ISC BIND 9.5.1 Beta 3
    cpe:2.3:a:isc:bind:9.5.1:b3
  • ISC BIND 9.5.1 rc1
    cpe:2.3:a:isc:bind:9.5.1:rc1
  • ISC BIND 9.5.1 rc2
    cpe:2.3:a:isc:bind:9.5.1:rc2
  • ISC BIND 9.5.1b1
    cpe:2.3:a:isc:bind:9.5.1b1
  • ISC BIND 9.5.1b2
    cpe:2.3:a:isc:bind:9.5.1b2
  • ISC BIND 9.5.1b3
    cpe:2.3:a:isc:bind:9.5.1b3
  • ISC BIND 9.5.2
    cpe:2.3:a:isc:bind:9.5.2
  • ISC BIND 9.5.2 Beta 1
    cpe:2.3:a:isc:bind:9.5.2:b1
  • ISC BIND 9.5.2 Patch 1
    cpe:2.3:a:isc:bind:9.5.2:p1
  • ISC BIND 9.5.2 Patch 2
    cpe:2.3:a:isc:bind:9.5.2:p2
  • ISC BIND 9.5.2 Patch 3
    cpe:2.3:a:isc:bind:9.5.2:p3
  • ISC BIND 9.5.2 Patch 4
    cpe:2.3:a:isc:bind:9.5.2:p4
  • ISC BIND 9.5.2 release candidate 1
    cpe:2.3:a:isc:bind:9.5.2:rc1
  • ISC BIND 9.5.2-p1
    cpe:2.3:a:isc:bind:9.5.2-p1
  • ISC BIND 9.5.2-p2
    cpe:2.3:a:isc:bind:9.5.2-p2
  • ISC BIND 9.5.2-p3
    cpe:2.3:a:isc:bind:9.5.2-p3
  • ISC BIND 9.5.2-p4
    cpe:2.3:a:isc:bind:9.5.2-p4
  • ISC BIND 9.5.2b1
    cpe:2.3:a:isc:bind:9.5.2b1
  • ISC BIND 9.5.3 Beta 1
    cpe:2.3:a:isc:bind:9.5.3:b1
  • ISC BIND 9.5.3 release candidate 1
    cpe:2.3:a:isc:bind:9.5.3:rc1
  • ISC BIND 9.5.3b1
    cpe:2.3:a:isc:bind:9.5.3b1
  • ISC BIND 9.6 Extended Support Version
    cpe:2.3:a:isc:bind:9.6:-:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 1
    cpe:2.3:a:isc:bind:9.6:r1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 2
    cpe:2.3:a:isc:bind:9.6:r2:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 3
    cpe:2.3:a:isc:bind:9.6:r3:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 4
    cpe:2.3:a:isc:bind:9.6:r4:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 4 Patch 1
    cpe:2.3:a:isc:bind:9.6:r4_p1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 5
    cpe:2.3:a:isc:bind:9.6:r5:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 5 Beta 1
    cpe:2.3:a:isc:bind:9.6:r5_b1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 5 Patch 1
    cpe:2.3:a:isc:bind:9.6:r5_p1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 6
    cpe:2.3:a:isc:bind:9.6:r6:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 6 Beta 1
    cpe:2.3:a:isc:bind:9.6:r6_b1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 6 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6:r6_rc1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 6 Release Candidate 2
    cpe:2.3:a:isc:bind:9.6:r6_rc2:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 7
    cpe:2.3:a:isc:bind:9.6:r7:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 7 Patch 1
    cpe:2.3:a:isc:bind:9.6:r7_p1:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 7 Patch 2
    cpe:2.3:a:isc:bind:9.6:r7_p2:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 9
    cpe:2.3:a:isc:bind:9.6:r9:-:-:esv
  • ISC BIND 9.6 Extended Support Version Release 9 Patch 1
    cpe:2.3:a:isc:bind:9.6:r9_p1:-:-:esv
  • ISC BIND 9.6-esv
    cpe:2.3:a:isc:bind:9.6-esv
  • ISC BIND 9.6-ESV-R1
    cpe:2.3:a:isc:bind:9.6-esv-r1
  • ISC BIND 9.6-ESV-R2
    cpe:2.3:a:isc:bind:9.6-esv-r2
  • ISC BIND 9.6-ESV-R3
    cpe:2.3:a:isc:bind:9.6-esv-r3
  • ISC BIND 9.6-ESV-R4
    cpe:2.3:a:isc:bind:9.6-esv-r4
  • ISC BIND 9.6-ESV-R1-P1
    cpe:2.3:a:isc:bind:9.6-esv-r4-p1
  • ISC BIND 9.6-ESV-R5
    cpe:2.3:a:isc:bind:9.6-esv-r5
  • ISC BIND 9.6-ESV-R5-P1
    cpe:2.3:a:isc:bind:9.6-esv-r5:p1
  • ISC BIND 9.6-ESV-R5b1
    cpe:2.3:a:isc:bind:9.6-esv-r5b1
  • ISC BIND 9.6-ESV-R6
    cpe:2.3:a:isc:bind:9.6-esv-r6
  • ISC BIND 9.6-ESV-R6b1
    cpe:2.3:a:isc:bind:9.6-esv-r6:b1
  • ISC BIND 9.6-ESV-R6rc1
    cpe:2.3:a:isc:bind:9.6-esv-r6:rc1
  • ISC BIND 9.6-ESV-R6rc2
    cpe:2.3:a:isc:bind:9.6-esv-r6:rc2
  • ISC BIND 9.6-ESV-R7
    cpe:2.3:a:isc:bind:9.6-esv-r7
  • ISC BIND 9.6-ESV-R7-P1
    cpe:2.3:a:isc:bind:9.6-esv-r7:p1
  • ISC BIND 9.6-ESV-R7-P2
    cpe:2.3:a:isc:bind:9.6-esv-r7:p2
  • ISC BIND 9.6-ESV-R9
    cpe:2.3:a:isc:bind:9.6-esv-r9
  • ISC BIND 9.6-ESV-R9 P1
    cpe:2.3:a:isc:bind:9.6-esv-r9:p1
  • ISC BIND 9.6.0
    cpe:2.3:a:isc:bind:9.6.0
  • ISC BIND 9.6.0 Alpha 1
    cpe:2.3:a:isc:bind:9.6.0:a1
  • ISC BIND 9.6.0 Beta 1
    cpe:2.3:a:isc:bind:9.6.0:b1
  • ISC BIND 9.6.0 p1
    cpe:2.3:a:isc:bind:9.6.0:p1
  • ISC BIND 9.6.0 rc1
    cpe:2.3:a:isc:bind:9.6.0:rc1
  • ISC BIND 9.6.0 rc2
    cpe:2.3:a:isc:bind:9.6.0:rc2
  • ISC BIND 9.6.0a1
    cpe:2.3:a:isc:bind:9.6.0a1
  • ISC BIND 9.6.0b1
    cpe:2.3:a:isc:bind:9.6.0b1
  • ISC BIND 9.6.1
    cpe:2.3:a:isc:bind:9.6.1
  • ISC BIND 9.6.1 Beta 1
    cpe:2.3:a:isc:bind:9.6.1:b1
  • ISC BIND 9.6.1 P1
    cpe:2.3:a:isc:bind:9.6.1:p1
  • ISC BIND 9.6.1 P2
    cpe:2.3:a:isc:bind:9.6.1:p2
  • ISC BIND 9.6.1 P3
    cpe:2.3:a:isc:bind:9.6.1:p3
  • ISC BIND 9.6.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6.1:rc1
  • ISC BIND 9.6.1b1
    cpe:2.3:a:isc:bind:9.6.1b1
  • ISC BIND 9.6.2
    cpe:2.3:a:isc:bind:9.6.2
  • ISC BIND 9.6.2 Beta 1
    cpe:2.3:a:isc:bind:9.6.2:b1
  • ISC BIND 9.6.2 Patch 1
    cpe:2.3:a:isc:bind:9.6.2:p1
  • ISC BIND 9.6.2 Patch 2
    cpe:2.3:a:isc:bind:9.6.2:p2
  • ISC BIND 9.6.2 Patch 3
    cpe:2.3:a:isc:bind:9.6.2:p3
  • ISC BIND 9.6.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6.2:rc1
  • ISC BIND 9.6.2-P1
    cpe:2.3:a:isc:bind:9.6.2-p1
  • ISC BIND 9.6.2-P2
    cpe:2.3:a:isc:bind:9.6.2-p2
  • ISC BIND 9.6.2-P3
    cpe:2.3:a:isc:bind:9.6.2-p3
  • ISC BIND 9.6.2b1
    cpe:2.3:a:isc:bind:9.6.2b1
  • ISC BIND 9.6.3
    cpe:2.3:a:isc:bind:9.6.3
  • ISC BIND 9.6.3 Beta 1
    cpe:2.3:a:isc:bind:9.6.3:b1
  • ISC BIND 9.6.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.6.3:rc1
  • ISC BIND 9.6.3b1
    cpe:2.3:a:isc:bind:9.6.3b1
  • ISC BIND 9.7.0
    cpe:2.3:a:isc:bind:9.7.0
  • ISC BIND 9.7.0 Alpha 1
    cpe:2.3:a:isc:bind:9.7.0:a1
  • ISC BIND 9.7.0 Alpha 2
    cpe:2.3:a:isc:bind:9.7.0:a2
  • ISC BIND 9.7.0 Alpha 3
    cpe:2.3:a:isc:bind:9.7.0:a3
  • ISC BIND 9.7.0 Beta 1
    cpe:2.3:a:isc:bind:9.7.0:b1
  • ISC BIND 9.7.0 Beta 2
    cpe:2.3:a:isc:bind:9.7.0:b2
  • ISC BIND 9.7.0 Beta 3
    cpe:2.3:a:isc:bind:9.7.0:b3
  • ISC BIND 9.7.0 beta
    cpe:2.3:a:isc:bind:9.7.0:beta
  • ISC BIND 9.7.0 p1
    cpe:2.3:a:isc:bind:9.7.0:p1
  • ISC BIND 9.7.0 p2
    cpe:2.3:a:isc:bind:9.7.0:p2
  • ISC BIND 9.7.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.0:rc1
  • ISC BIND 9.7.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.7.0:rc2
  • ISC BIND 9.7.0a1
    cpe:2.3:a:isc:bind:9.7.0a1
  • ISC BIND 9.7.0a2
    cpe:2.3:a:isc:bind:9.7.0a2
  • ISC BIND 9.7.0a3
    cpe:2.3:a:isc:bind:9.7.0a3
  • ISC BIND 9.7.0b1
    cpe:2.3:a:isc:bind:9.7.0b1
  • ISC BIND 9.7.0b2
    cpe:2.3:a:isc:bind:9.7.0b2
  • ISC BIND 9.7.0b3
    cpe:2.3:a:isc:bind:9.7.0b3
  • ISC BIND 9.7.1
    cpe:2.3:a:isc:bind:9.7.1
  • ISC BIND 9.7.1 Beta 1
    cpe:2.3:a:isc:bind:9.7.1:b1
  • ISC BIND 9.7.1 p1
    cpe:2.3:a:isc:bind:9.7.1:p1
  • ISC BIND 9.7.1 p2
    cpe:2.3:a:isc:bind:9.7.1:p2
  • ISC BIND 9.7.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.1:rc1
  • ISC BIND 9.7.1b1
    cpe:2.3:a:isc:bind:9.7.1b1
  • ISC BIND 9.7.2
    cpe:2.3:a:isc:bind:9.7.2
  • ISC BIND 9.7.2 P1
    cpe:2.3:a:isc:bind:9.7.2:p1
  • ISC BIND 9.7.2 P2
    cpe:2.3:a:isc:bind:9.7.2:p2
  • ISC BIND 9.7.2 P3
    cpe:2.3:a:isc:bind:9.7.2:p3
  • ISC BIND 9.7.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.2:rc1
  • ISC BIND 9.7.3
    cpe:2.3:a:isc:bind:9.7.3
  • ISC BIND 9.7.3 B1
    cpe:2.3:a:isc:bind:9.7.3:b1
  • ISC BIND 9.7.3 P1
    cpe:2.3:a:isc:bind:9.7.3:p1
  • ISC BIND 9.7.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.3:rc1
  • ISC BIND 9.7.4
    cpe:2.3:a:isc:bind:9.7.4
  • ISC BIND 9.7.4 B1
    cpe:2.3:a:isc:bind:9.7.4:b1
  • ISC BIND 9.7.4P1
    cpe:2.3:a:isc:bind:9.7.4:p1
  • ISC BIND 9.7.4 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.4:rc1
  • ISC BIND 9.7.4b1
    cpe:2.3:a:isc:bind:9.7.4b1
  • ISC BIND 9.7.5
    cpe:2.3:a:isc:bind:9.7.5
  • ISC BIND 9.7.5 B1
    cpe:2.3:a:isc:bind:9.7.5:b1
  • ISC BIND 9.7.5 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.5:rc1
  • ISC BIND 9.7.5 Release Candidate 2
    cpe:2.3:a:isc:bind:9.7.5:rc2
  • ISC BIND 9.7.6
    cpe:2.3:a:isc:bind:9.7.6
  • ISC BIND 9.7.6-p1
    cpe:2.3:a:isc:bind:9.7.6:p1
  • ISC BIND 9.7.6-p2
    cpe:2.3:a:isc:bind:9.7.6:p2
  • ISC BIND 9.7.6 Patch 3
    cpe:2.3:a:isc:bind:9.7.6:p3
  • ISC BIND 9.7.6 Patch 4
    cpe:2.3:a:isc:bind:9.7.6:p4
  • ISC BIND 9.7.7
    cpe:2.3:a:isc:bind:9.7.7
  • ISC BIND 9.8.0
    cpe:2.3:a:isc:bind:9.8.0
  • ISC BIND 9.8.0 A1
    cpe:2.3:a:isc:bind:9.8.0:a1
  • ISC BIND 9.8.0 B1
    cpe:2.3:a:isc:bind:9.8.0:b1
  • ISC BIND 9.8.0 P1
    cpe:2.3:a:isc:bind:9.8.0:p1
  • ISC BIND 9.8.0 P2
    cpe:2.3:a:isc:bind:9.8.0:p2
  • ISC BIND 9.8.0-P4
    cpe:2.3:a:isc:bind:9.8.0:p4
  • ISC BIND 9.8.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.8.0:rc1
  • ISC BIND 9.8.1
    cpe:2.3:a:isc:bind:9.8.1
  • ISC BIND 9.8.1 B1
    cpe:2.3:a:isc:bind:9.8.1:b1
  • ISC BIND 9.8.1 B2
    cpe:2.3:a:isc:bind:9.8.1:b2
  • ISC BIND 9.8.1 B3
    cpe:2.3:a:isc:bind:9.8.1:b3
  • ISC BIND 9.8.1-P1
    cpe:2.3:a:isc:bind:9.8.1:p1
  • ISC BIND 9.8.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.8.1:rc1
  • ISC BIND 9.8.2
    cpe:2.3:a:isc:bind:9.8.2
  • ISC BIND 9.8.2 B1
    cpe:2.3:a:isc:bind:9.8.2:b1
  • ISC BIND 9.8.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.8.2:rc1
  • ISC BIND 9.8.2 Release Candidate 2
    cpe:2.3:a:isc:bind:9.8.2:rc2
  • ISC BIND 9.8.3
    cpe:2.3:a:isc:bind:9.8.3
  • ISC BIND 9.8.3-p1
    cpe:2.3:a:isc:bind:9.8.3:p1
  • ISC BIND 9.8.3-p2
    cpe:2.3:a:isc:bind:9.8.3:p2
  • ISC BIND 9.8.3 Patch 3
    cpe:2.3:a:isc:bind:9.8.3:p3
  • ISC BIND 9.8.3 Patch 4
    cpe:2.3:a:isc:bind:9.8.3:p4
  • ISC BIND 9.8.4
    cpe:2.3:a:isc:bind:9.8.4
  • ISC BIND 9.8.5
    cpe:2.3:a:isc:bind:9.8.5
  • ISC BIND 9.8.5 b1
    cpe:2.3:a:isc:bind:9.8.5:b1
  • ISC BIND 9.8.5 b2
    cpe:2.3:a:isc:bind:9.8.5:b2
  • ISC BIND 9.8.5 P1
    cpe:2.3:a:isc:bind:9.8.5:p1
  • ISC BIND 9.8.5 P2
    cpe:2.3:a:isc:bind:9.8.5:p2
  • ISC BIND 9.8.5 release candidate 1
    cpe:2.3:a:isc:bind:9.8.5:rc1
  • ISC BIND 9.8.5 release candidate 2
    cpe:2.3:a:isc:bind:9.8.5:rc2
  • ISC BIND 9.8.6b1
    cpe:2.3:a:isc:bind:9.8.6:b1
  • ISC BIND 9.8.6 release candidate 1
    cpe:2.3:a:isc:bind:9.8.6:rc1
  • ISC BIND 9.8.6 release candidate 2
    cpe:2.3:a:isc:bind:9.8.6:rc2
  • ISC BIND 9.9.0
    cpe:2.3:a:isc:bind:9.9.0
  • ISC BIND 9.9.0a1
    cpe:2.3:a:isc:bind:9.9.0:a1
  • ISC BIND 9.9.0a2
    cpe:2.3:a:isc:bind:9.9.0:a2
  • ISC BIND 9.9.0a3
    cpe:2.3:a:isc:bind:9.9.0:a3
  • ISC BIND 9.9.0b1
    cpe:2.3:a:isc:bind:9.9.0:b1
  • ISC BIND 9.9.0b2
    cpe:2.3:a:isc:bind:9.9.0:b2
  • ISC BIND 9.9.0 release candidate 1
    cpe:2.3:a:isc:bind:9.9.0:rc1
  • ISC BIND 9.9.0 release candidate 2
    cpe:2.3:a:isc:bind:9.9.0:rc2
  • ISC BIND 9.9.0 release candidate 3
    cpe:2.3:a:isc:bind:9.9.0:rc3
  • ISC BIND 9.9.0 release candidate 4
    cpe:2.3:a:isc:bind:9.9.0:rc4
  • ISC BIND 9.9.1
    cpe:2.3:a:isc:bind:9.9.1
  • ISC BIND 9.9.1-p1
    cpe:2.3:a:isc:bind:9.9.1:p1
  • ISC BIND 9.9.1-p2
    cpe:2.3:a:isc:bind:9.9.1:p2
  • ISC BIND 9.9.1 Patch 3
    cpe:2.3:a:isc:bind:9.9.1:p3
  • ISC BIND 9.9.1 Patch 4
    cpe:2.3:a:isc:bind:9.9.1:p4
  • ISC BIND 9.9.2
    cpe:2.3:a:isc:bind:9.9.2
  • ISC BIND 9.9.2 P1
    cpe:2.3:a:isc:bind:9.9.2:p1
  • ISC BIND 9.9.2 P2
    cpe:2.3:a:isc:bind:9.9.2:p2
  • ISC BIND 9.9.3
    cpe:2.3:a:isc:bind:9.9.3
  • ISC BIND 9.9.3 b1
    cpe:2.3:a:isc:bind:9.9.3:b1
  • ISC BIND 9.9.3 b2
    cpe:2.3:a:isc:bind:9.9.3:b2
  • ISC BIND 9.9.3p1
    cpe:2.3:a:isc:bind:9.9.3:p1
  • ISC BIND 9.9.3p2
    cpe:2.3:a:isc:bind:9.9.3:p2
  • ISC BIND 9.9.3 release candidate 1
    cpe:2.3:a:isc:bind:9.9.3:rc1
  • ISC BIND 9.9.3 release candidate 2
    cpe:2.3:a:isc:bind:9.9.3:rc2
  • cpe:2.3:a:isc:bind:9.9.3:s1
    cpe:2.3:a:isc:bind:9.9.3:s1
  • ISC BIND 9.9.4b1
    cpe:2.3:a:isc:bind:9.9.4:b1
  • ISC BIND 9.9.5
    cpe:2.3:a:isc:bind:9.9.5
  • ISC BIND 9.9.6
    cpe:2.3:a:isc:bind:9.9.6
  • ISC BIND 9.9.6 p1
    cpe:2.3:a:isc:bind:9.9.6:p1
  • ISC BIND 9.9.7 b1
    cpe:2.3:a:isc:bind:9.9.7:b1
  • ISC BIND 9.9.7 Patch 1
    cpe:2.3:a:isc:bind:9.9.7:p1
  • ISC BIND 9.9.7 Release Candidate 1
    cpe:2.3:a:isc:bind:9.9.7:rc1
  • ISC BIND 9.9.7 Release Candidate 2
    cpe:2.3:a:isc:bind:9.9.7:rc2
  • ISC BIND 9.9.8
    cpe:2.3:a:isc:bind:9.9.8
  • ISC Bind 9.9.8 Patch 2
    cpe:2.3:a:isc:bind:9.9.8:p2
  • ISC BIND 9.9.8 Patch 3
    cpe:2.3:a:isc:bind:9.9.8:p3
  • ISC BIND 9.9.8 P4
    cpe:2.3:a:isc:bind:9.9.8:p4
  • ISC BIND 9.9.8 Release Candidate 1
    cpe:2.3:a:isc:bind:9.9.8:rc1
  • ISC BIND 9.9.8 S1
    cpe:2.3:a:isc:bind:9.9.8:s1
  • ISC BIND 9.9.8 Supported Preview Edition 2
    cpe:2.3:a:isc:bind:9.9.8:s2
  • ISC BIND 9.9.8 Supported Preview Edition 3
    cpe:2.3:a:isc:bind:9.9.8:s3
  • ISC BIND 9.9.8 Supported Preview Edition 4
    cpe:2.3:a:isc:bind:9.9.8:s4
  • ISC BIND 9.9.8 S5
    cpe:2.3:a:isc:bind:9.9.8:s5
  • ISC BIND 9.9.8 S6
    cpe:2.3:a:isc:bind:9.9.8:s6
  • ISC BIND 9.9.9
    cpe:2.3:a:isc:bind:9.9.9
  • ISC BIND 9.9.9 B1
    cpe:2.3:a:isc:bind:9.9.9:b1
  • ISC BIND 9.9.9 B2
    cpe:2.3:a:isc:bind:9.9.9:b2
  • ISC BIND 9.9.9 P1
    cpe:2.3:a:isc:bind:9.9.9:p1
  • ISC BIND 9.9.9 Patch 3
    cpe:2.3:a:isc:bind:9.9.9:p3
  • ISC BIND 9.9.9 Patch 4
    cpe:2.3:a:isc:bind:9.9.9:p4
  • ISC BIND 9.9.9 Release Candidate 1
    cpe:2.3:a:isc:bind:9.9.9:rc1
  • ISC BIND 9.9.9 S1
    cpe:2.3:a:isc:bind:9.9.9:s1
  • ISC BIND 9.9.9 S1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.9.9:s1rc1
  • ISC BIND 9.9.9 S6
    cpe:2.3:a:isc:bind:9.9.9:s6
  • ISC BIND 9.9.9 S7
    cpe:2.3:a:isc:bind:9.9.9:s7
  • cpe:2.3:a:isc:bind:9.9.11:s1
    cpe:2.3:a:isc:bind:9.9.11:s1
  • ISC BIND 9.10.0
    cpe:2.3:a:isc:bind:9.10.0
  • ISC BIND 9.10.0 Alpha 1
    cpe:2.3:a:isc:bind:9.10.0:a1
  • ISC BIND 9.10.0 Alpha 2
    cpe:2.3:a:isc:bind:9.10.0:a2
  • ISC BIND 9.10.0 Beta 1
    cpe:2.3:a:isc:bind:9.10.0:b1
  • ISC BIND 9.10.0 Beta 2
    cpe:2.3:a:isc:bind:9.10.0:b2
  • ISC BIND 9.10.0 Patch 1
    cpe:2.3:a:isc:bind:9.10.0:p1
  • ISC BIND 9.10.0 Patch 2
    cpe:2.3:a:isc:bind:9.10.0:p2
  • ISC BIND 9.10.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.10.0:rc1
  • ISC BIND 9.10.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.10.0:rc2
  • ISC BIND 9.10.1
    cpe:2.3:a:isc:bind:9.10.1
  • ISC BIND 9.10.1 Beta 1
    cpe:2.3:a:isc:bind:9.10.1:b1
  • ISC BIND 9.10.1 Beta 2
    cpe:2.3:a:isc:bind:9.10.1:b2
  • ISC BIND 9.10.1 p1
    cpe:2.3:a:isc:bind:9.10.1:p1
  • ISC BIND 9.10.1 Patch 2
    cpe:2.3:a:isc:bind:9.10.1:p2
  • ISC BIND 9.10.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.10.1:rc1
  • ISC BIND 9.10.1 Release Candidate 2
    cpe:2.3:a:isc:bind:9.10.1:rc2
  • ISC BIND 9.10.2
    cpe:2.3:a:isc:bind:9.10.2
  • ISC BIND 9.10.2 b2
    cpe:2.3:a:isc:bind:9.10.2:b1
  • ISC BIND 9.10.2 P1
    cpe:2.3:a:isc:bind:9.10.2:p1
  • ISC BIND 9.10.2 Patch 2
    cpe:2.3:a:isc:bind:9.10.2:p2
  • ISC BIND 9.10.2 P3
    cpe:2.3:a:isc:bind:9.10.2:p3
  • ISC BIND 9.10.2 P4
    cpe:2.3:a:isc:bind:9.10.2:p4
  • ISC BIND 9.10.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.10.2:rc1
  • ISC BIND 9.10.2 Release Candidate 2
    cpe:2.3:a:isc:bind:9.10.2:rc2
  • ISC BIND 9.10.3
    cpe:2.3:a:isc:bind:9.10.3
  • ISC BIND 9.10.3 Beta 1
    cpe:2.3:a:isc:bind:9.10.3:b1
  • ISC Bind 9.10.3 Patch 1
    cpe:2.3:a:isc:bind:9.10.3:p1
  • ISC Bind 9.10.3 Patch 2
    cpe:2.3:a:isc:bind:9.10.3:p2
  • ISC BIND 9.10.3 Patch 3
    cpe:2.3:a:isc:bind:9.10.3:p3
  • ISC BIND 9.10.3 P4
    cpe:2.3:a:isc:bind:9.10.3:p4
  • ISC BIND 9.10.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.10.3:rc1
  • ISC BIND 9.10.4
    cpe:2.3:a:isc:bind:9.10.4
  • ISC BIND 9.10.4 Beta 1
    cpe:2.3:a:isc:bind:9.10.4:b1
  • ISC BIND 9.10.4 B2
    cpe:2.3:a:isc:bind:9.10.4:b2
  • ISC BIND 9.10.4 B3
    cpe:2.3:a:isc:bind:9.10.4:b3
  • ISC BIND 9.10.4 Patch 1
    cpe:2.3:a:isc:bind:9.10.4:p1
  • ISC BIND 9.10.4 Patch 2
    cpe:2.3:a:isc:bind:9.10.4:p2
  • ISC BIND 9.10.4 Patch 3
    cpe:2.3:a:isc:bind:9.10.4:p3
  • ISC BIND 9.10.4 Patch 4
    cpe:2.3:a:isc:bind:9.10.4:p4
  • ISC BIND 9.10.4 Patch 5
    cpe:2.3:a:isc:bind:9.10.4:p5
  • ISC BIND 9.10.4 Patch 6
    cpe:2.3:a:isc:bind:9.10.4:p6
  • ISC BIND 9.10.4 Patch 8
    cpe:2.3:a:isc:bind:9.10.4:p8
  • ISC BIND 9.10.4 Release Candidate 1
    cpe:2.3:a:isc:bind:9.10.4:rc1
  • ISC BIND 9.10.5
    cpe:2.3:a:isc:bind:9.10.5
  • ISC BIND 9.10.5 Beta 1
    cpe:2.3:a:isc:bind:9.10.5:b1
  • ISC BIND 9.10.5 Patch 1
    cpe:2.3:a:isc:bind:9.10.5:p1
  • ISC BIND 9.10.5 Patch 2
    cpe:2.3:a:isc:bind:9.10.5:p2
  • ISC BIND 9.10.5 Patch 3
    cpe:2.3:a:isc:bind:9.10.5:p3
  • ISC BIND 9.10.5 Release Candidate 1
    cpe:2.3:a:isc:bind:9.10.5:rc1
  • ISC BIND 9.10.5 Release Candidate 3
    cpe:2.3:a:isc:bind:9.10.5:rc3
  • cpe:2.3:a:isc:bind:9.10.5:s1
    cpe:2.3:a:isc:bind:9.10.5:s1
  • ISC BIND 9.10.6
    cpe:2.3:a:isc:bind:9.10.6
  • ISC BIND 9.10.6 Beta 1
    cpe:2.3:a:isc:bind:9.10.6:b1
  • ISC BIND 9.10.6 Patch 1
    cpe:2.3:a:isc:bind:9.10.6:p1
  • ISC BIND 9.10.6 Release Candidate 1
    cpe:2.3:a:isc:bind:9.10.6:rc1
  • ISC BIND 9.10.6 Release Candidate 2
    cpe:2.3:a:isc:bind:9.10.6:rc2
  • cpe:2.3:a:isc:bind:9.10.6:s1
    cpe:2.3:a:isc:bind:9.10.6:s1
  • ISC BIND 9.11.0
    cpe:2.3:a:isc:bind:9.11.0
  • ISC BIND 9.11.0 Alpha 1
    cpe:2.3:a:isc:bind:9.11.0:a1
  • ISC BIND 9.11.0 Alpha 2
    cpe:2.3:a:isc:bind:9.11.0:a2
  • ISC BIND 9.11.0 Alpha 3
    cpe:2.3:a:isc:bind:9.11.0:a3
  • ISC BIND 9.11.0 Beta 1
    cpe:2.3:a:isc:bind:9.11.0:b1
  • ISC BIND 9.11.0 Beta 2
    cpe:2.3:a:isc:bind:9.11.0:b2
  • ISC BIND 9.11.0 Beta 3
    cpe:2.3:a:isc:bind:9.11.0:b3
  • ISC BIND 9.11.0 Patch 1
    cpe:2.3:a:isc:bind:9.11.0:p1
  • ISC BIND 9.11.0 Patch 2
    cpe:2.3:a:isc:bind:9.11.0:p2
  • ISC BIND 9.11.0 Patch 3
    cpe:2.3:a:isc:bind:9.11.0:p3
  • ISC BIND 9.11.0 Patch 5
    cpe:2.3:a:isc:bind:9.11.0:p5
  • ISC BIND 9.11.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.11.0:rc1
  • ISC BIND 9.11.0 Release Candidate 3
    cpe:2.3:a:isc:bind:9.11.0:rc3
  • ISC BIND 9.11.1
    cpe:2.3:a:isc:bind:9.11.1
  • ISC BIND 9.11.1 Beta 1
    cpe:2.3:a:isc:bind:9.11.1:b1
  • ISC BIND 9.11.1 Patch 3
    cpe:2.3:a:isc:bind:9.11.1:p3
  • ISC BIND 9.11.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.11.1:rc1
  • ISC BIND 9.11.1 Release Candidate 3
    cpe:2.3:a:isc:bind:9.11.1:rc3
  • ISC BIND 9.11.2
    cpe:2.3:a:isc:bind:9.11.2
  • ISC BIND 9.11.2 Beta 1
    cpe:2.3:a:isc:bind:9.11.2:b1
  • ISC BIND 9.11.2 Patch 1
    cpe:2.3:a:isc:bind:9.11.2:p1
  • ISC BIND 9.11.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.11.2:rc1
  • ISC BIND 9.11.2 Release Candidate 2
    cpe:2.3:a:isc:bind:9.11.2:rc2
  • cpe:2.3:a:isc:bind:9.12.0:alpha1
    cpe:2.3:a:isc:bind:9.12.0:alpha1
  • ISC BIND 9.12.0 Beta 1
    cpe:2.3:a:isc:bind:9.12.0:b1
  • ISC BIND 9.12.0 Beta 2
    cpe:2.3:a:isc:bind:9.12.0:b2
  • ISC BIND 9.12.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.12.0:rc1
  • Red Hat Enterprise Linux Desktop 6.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:6.0
  • RedHat Enterprise Linux Desktop 7.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
  • Red Hat Enterprise Linux Server 6.0
    cpe:2.3:o:redhat:enterprise_linux_server:6.0
  • RedHat Enterprise Linux Server 7.0
    cpe:2.3:o:redhat:enterprise_linux_server:7.0
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4
    cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4
  • Red Hat Enterprise Linux Server Advanced mission critical Update Support (AUS) 6.5
    cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6
    cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6
  • Red Hat Enterprise Linux Server AUS 7.2
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2
  • Red Hat Enterprise Linux Advanced mission critical Update Support (AUS) 7.3
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3
  • Red Hat Enterprise Linux Server Advanced mission critical Update Support (AUS) 7.4
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4
  • Red Hat Enterprise Linux Server Advanced mission critical Update Support (AUS) 7.6
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6
  • cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7
    cpe:2.3:o:redhat:enterprise_linux_server_eus:6.7
  • Red Hat Enterprise Linux Server Extended Update Support (EUS) 7.3
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3
  • Red Hat Enterprise Linux Server Extended Update Support (EUS) 7.4
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4
  • Red Hat Enterprise Linux Server Extended Update Support (EUS) 7.5
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5
  • Red Hat Enterprise Linux Server Extended Update Support (EUS) 7.6
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6
  • Red Hat Enterprise Linux Server Telecommunications Update Service (TUS) 6.6
    cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3
  • Red Hat Enterprise Linux Server Telecommunications Update Service (TUS) 7.6
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6
  • Red Hat Enterprise Linux Workstation 6.0
    cpe:2.3:o:redhat:enterprise_linux_workstation:6.0
  • RedHat Enterprise Linux Workstation 7.0
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0
  • Debian Linux 7.0
    cpe:2.3:o:debian:debian_linux:7.0
  • Debian Linux 8.0 (Jessie)
    cpe:2.3:o:debian:debian_linux:8.0
  • Debian Linux 9.0
    cpe:2.3:o:debian:debian_linux:9.0
  • cpe:2.3:a:netapp:data_ontap_edge
    cpe:2.3:a:netapp:data_ontap_edge
CVSS
Base: 5.0
Impact:
Exploitability:
CWE CWE-416
CAPEC
nessus via4
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2018-0252.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix (CVE-2018-5740) - Fix (CVE-2017-3145) - Change EDNS flags only after successful query (#1416035) - Fix crash in ldap driver at bind-sdb stop (#1426626) - Fix (CVE-2017-3142, CVE-2017-3143) - Update root servers and trust anchors - Fix DNSKEY that encountered a CNAME (#1447872, ISC change 3391) - Fix CVE-2017-3136 (ISC change 4575) - Fix CVE-2017-3137 (ISC change 4578)
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 112170
    published 2018-08-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=112170
    title OracleVM 3.3 / 3.4 : bind (OVMSA-2018-0252)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0303-1.NASL
    description This update for bind fixes several issues. This security issue was fixed : - CVE-2017-3145: Improper sequencing during cleanup could have lead to a use-after-free error that triggered an assertion failure and crash in named (bsc#1076118). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 106531
    published 2018-01-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106531
    title SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2018:0303-1)
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2018-017-01.NASL
    description New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 106106
    published 2018-01-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106106
    title Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : bind (SSA:2018-017-01)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2018-954.NASL
    description Improper fetch cleanup sequencing in the resolver can cause named to crash : A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request.(CVE-2017-3145)
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 106931
    published 2018-02-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106931
    title Amazon Linux AMI : bind (ALAS-2018-954)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2018-0101.NASL
    description From Red Hat Security Advisory 2018:0101 : An update for bind is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Jayachandran Palanisamy (Cygate AB) as the original reporter.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 106239
    published 2018-01-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106239
    title Oracle Linux 6 : bind (ELSA-2018-0101)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL08613310.NASL
    description BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. (CVE-2017-3145) Impact BIG-IP A remote attacker can use this flaw to make named , acting as a Domain Name System Security Extensions (DNSSEC) validating resolver, exit unexpectedly with an assertion failure by way of a specially crafted DNS request. This vulnerability affects BIND only when configured as a recursive resolver with DNSSEC validation enabled. That mode of operation is not present in any default configuration but can be enabled. ARX, Enterprise Manager, BIG-IQ, F5 iWorkflow, LineRate, and Traffix There is no impact; these F5 products are not affected by this vulnerability.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 118626
    published 2018-11-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118626
    title F5 Networks BIG-IP : BIND vulnerability (K08613310)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-97BDB9BA32.NASL
    description Upgrades to latest minor supported BIND. Includes first -P1 security release fixing CVE-2017-3145. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 106283
    published 2018-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106283
    title Fedora 27 : 32:bind / bind-dyndb-ldap / dnsperf (2018-97bdb9ba32)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-4089.NASL
    description Jayachandran Palanisamy of Cygate AB reported that BIND, a DNS server implementation, was improperly sequencing cleanup operations, leading in some cases to a use-after-free error, triggering an assertion failure and crash in named.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 106076
    published 2018-01-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106076
    title Debian DSA-4089-1 : bind9 - security update
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20180122_BIND_ON_SL7_X.NASL
    description Security Fix(es) : - A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145)
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 106258
    published 2018-01-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106258
    title Scientific Linux Security Update : bind on SL7.x x86_64
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-0101.NASL
    description An update for bind is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Jayachandran Palanisamy (Cygate AB) as the original reporter.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 106244
    published 2018-01-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106244
    title RHEL 6 : bind (RHSA-2018:0101)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2018-0101.NASL
    description An update for bind is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Jayachandran Palanisamy (Cygate AB) as the original reporter.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 106233
    published 2018-01-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106233
    title CentOS 6 : bind (CESA-2018:0101)
  • NASL family Junos Local Security Checks
    NASL id JUNIPER_SPACE_JSA10917_184R1.NASL
    description According to its self-reported version number, the remote Junos Space version is 18.4.x prior to 18.4R1. It is, therefore, affected by multiple vulnerabilities : - An integer overflow issue exists in procps-ng. This is related to CVE-2018-1124. (CVE-2018-1126) - A directory traversal issue exits in reposync, a part of yum-utils.tory configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. (CVE-2018-10897) - An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID binary could use this flaw to escalate their privileges on the system. (CVE-2018-14634) Additionally, Junos Space is affected by several other vulnerabilities exist as noted in the vendor advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2019-01-10
    plugin id 121068
    published 2019-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121068
    title Juniper Junos Space 18.4.x < 18.4R1 Multiple Vulnerabilities (JSA10917)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2018-0102.NASL
    description An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Jayachandran Palanisamy (Cygate AB) as the original reporter.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 106234
    published 2018-01-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106234
    title CentOS 7 : bind (CESA-2018:0102)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-1255.NASL
    description Jayachandran Palanisamy of Cygate AB reported that BIND, a DNS server implementation, was improperly sequencing cleanup operations, leading in some cases to a use-after-free error, triggering an assertion failure and crash in named. For Debian 7 'Wheezy', these problems have been fixed in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u19. We recommend that you upgrade your bind9 packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 106211
    published 2018-01-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106211
    title Debian DLA-1255-1 : bind9 security update
  • NASL family DNS
    NASL id BIND9_CVE-2017-3145.NASL
    description According to its self-reported version, the instance of ISC BIND 9 running on the remote name server is 9.9.x prior to 9.9.11-S2 or 9.9.11-P1, 9.10.x prior to 9.10.6-S2 or 9.10.6-P1, or 9.11.x prior to 9.11.2-P1. It is, therefore, affected by a remote denial of service vulnerability.
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 106200
    published 2018-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106200
    title ISC BIND 9 < 9.9.11-P1 / 9.9.11-S2 / 9.10.6-P1 / 9.10.6-S2 / 9.11.2-P1 / 9.12.0rc2 Multiple Vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-0102.NASL
    description An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Jayachandran Palanisamy (Cygate AB) as the original reporter.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 106245
    published 2018-01-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106245
    title RHEL 7 : bind (RHSA-2018:0102)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3535-1.NASL
    description Jayachandran Palanisamy discovered that the Bind resolver incorrectly handled fetch cleanup sequencing. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 106135
    published 2018-01-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106135
    title Ubuntu 14.04 LTS / 16.04 LTS / 17.10 : bind9 vulnerability (USN-3535-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-0488.NASL
    description An update for bind is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions, and Red Hat Enterprise Linux 7.3 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * bind: Improper fetch cleanup sequencing in the resolver can cause named to crash (CVE-2017-3145) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Jayachandran Palanisamy (Cygate AB) as the original reporter.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 108277
    published 2018-03-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108277
    title RHEL 7 : bind (RHSA-2018:0488)
  • NASL family Amazon Linux Local Security Checks
    NASL id AL2_ALAS-2018-954.NASL
    description Improper fetch cleanup sequencing in the resolver can cause named to crash A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145)
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 109125
    published 2018-04-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=109125
    title Amazon Linux 2 : bind (ALAS-2018-954)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2018-0102.NASL
    description From Red Hat Security Advisory 2018:0102 : An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145) Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Jayachandran Palanisamy (Cygate AB) as the original reporter.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 106240
    published 2018-01-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106240
    title Oracle Linux 7 : bind (ELSA-2018-0102)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2018-1038.NASL
    description According to the version of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 106766
    published 2018-02-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106766
    title EulerOS 2.0 SP2 : bind (EulerOS-SA-2018-1038)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-6550550774.NASL
    description Update to BIND 9.11.2-P1, fixing CVE-2017-3145. Also with rebase to current supported minor version. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 106513
    published 2018-01-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106513
    title Fedora 26 : 32:bind / bind-dyndb-ldap / dnsperf (2018-6550550774)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0362-1.NASL
    description This update for bind fixes several issues. This security issue was fixed : - CVE-2017-3145: Improper sequencing during cleanup could have lead to a use-after-free error that triggered an assertion failure and crash in named (bsc#1076118). The update package also includes non-security fixes. See advisory for details. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 106618
    published 2018-02-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106618
    title SUSE SLES11 Security Update : bind (SUSE-SU-2018:0362-1)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2018-0014.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix (CVE-2017-3145)
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 106291
    published 2018-01-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106291
    title OracleVM 3.3 / 3.4 : bind (OVMSA-2018-0014)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2018-114.NASL
    description This update for bind fixes several issues. This security issue was fixed : - CVE-2017-3145: Improper sequencing during cleanup could have lead to a use-after-free error that triggered an assertion failure and crash in named (bsc#1076118). These non-security issues were fixed : - Updated named.root file (bsc#1040039) - Update bind.keys for DNSSEC root KSK rollover (bsc#1047184) This update was imported from the SUSE:SLE-12-SP1:Update update project.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 106545
    published 2018-02-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106545
    title openSUSE Security Update : bind (openSUSE-2018-114)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2018-1037.NASL
    description According to the version of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 106765
    published 2018-02-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106765
    title EulerOS 2.0 SP1 : bind (EulerOS-SA-2018-1037)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20180122_BIND_ON_SL6_X.NASL
    description Security Fix(es) : - A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145)
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 106257
    published 2018-01-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106257
    title Scientific Linux Security Update : bind on SL6.x i386/x86_64
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-0487.NASL
    description An update for bind is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red Hat Enterprise Linux 6.6 Telco Extended Update Support, and Red Hat Enterprise Linux 6.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * bind: Improper fetch cleanup sequencing in the resolver can cause named to crash (CVE-2017-3145) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Jayachandran Palanisamy (Cygate AB) as the original reporter.
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 108276
    published 2018-03-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=108276
    title RHEL 6 : bind (RHSA-2018:0487)
redhat via4
advisories
  • bugzilla
    id 1534812
    title CVE-2017-3145 bind: Improper fetch cleanup sequencing in the resolver can cause named to crash
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhsa:tst:20100842001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhsa:tst:20100842002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20100842003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20100842004
    • OR
      • AND
        • comment bind is earlier than 32:9.8.2-0.62.rc1.el6_9.5
          oval oval:com.redhat.rhsa:tst:20180101011
        • comment bind is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975006
      • AND
        • comment bind-chroot is earlier than 32:9.8.2-0.62.rc1.el6_9.5
          oval oval:com.redhat.rhsa:tst:20180101015
        • comment bind-chroot is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975012
      • AND
        • comment bind-devel is earlier than 32:9.8.2-0.62.rc1.el6_9.5
          oval oval:com.redhat.rhsa:tst:20180101007
        • comment bind-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975010
      • AND
        • comment bind-libs is earlier than 32:9.8.2-0.62.rc1.el6_9.5
          oval oval:com.redhat.rhsa:tst:20180101013
        • comment bind-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975016
      • AND
        • comment bind-sdb is earlier than 32:9.8.2-0.62.rc1.el6_9.5
          oval oval:com.redhat.rhsa:tst:20180101009
        • comment bind-sdb is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975014
      • AND
        • comment bind-utils is earlier than 32:9.8.2-0.62.rc1.el6_9.5
          oval oval:com.redhat.rhsa:tst:20180101005
        • comment bind-utils is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975008
    rhsa
    id RHSA-2018:0101
    released 2018-01-22
    severity Important
    title RHSA-2018:0101: bind security update (Important)
  • bugzilla
    id 1534812
    title CVE-2017-3145 bind: Improper fetch cleanup sequencing in the resolver can cause named to crash
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhsa:tst:20140675001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhsa:tst:20140675002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20140675003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20140675004
    • OR
      • AND
        • comment bind is earlier than 32:9.9.4-51.el7_4.2
          oval oval:com.redhat.rhsa:tst:20180102023
        • comment bind is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975006
      • AND
        • comment bind-chroot is earlier than 32:9.9.4-51.el7_4.2
          oval oval:com.redhat.rhsa:tst:20180102019
        • comment bind-chroot is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975012
      • AND
        • comment bind-devel is earlier than 32:9.9.4-51.el7_4.2
          oval oval:com.redhat.rhsa:tst:20180102017
        • comment bind-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975010
      • AND
        • comment bind-libs is earlier than 32:9.9.4-51.el7_4.2
          oval oval:com.redhat.rhsa:tst:20180102013
        • comment bind-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975016
      • AND
        • comment bind-libs-lite is earlier than 32:9.9.4-51.el7_4.2
          oval oval:com.redhat.rhsa:tst:20180102027
        • comment bind-libs-lite is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141984041
      • AND
        • comment bind-license is earlier than 32:9.9.4-51.el7_4.2
          oval oval:com.redhat.rhsa:tst:20180102031
        • comment bind-license is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141984029
      • AND
        • comment bind-lite-devel is earlier than 32:9.9.4-51.el7_4.2
          oval oval:com.redhat.rhsa:tst:20180102015
        • comment bind-lite-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141984039
      • AND
        • comment bind-pkcs11 is earlier than 32:9.9.4-51.el7_4.2
          oval oval:com.redhat.rhsa:tst:20180102007
        • comment bind-pkcs11 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152655032
      • AND
        • comment bind-pkcs11-devel is earlier than 32:9.9.4-51.el7_4.2
          oval oval:com.redhat.rhsa:tst:20180102011
        • comment bind-pkcs11-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152655028
      • AND
        • comment bind-pkcs11-libs is earlier than 32:9.9.4-51.el7_4.2
          oval oval:com.redhat.rhsa:tst:20180102009
        • comment bind-pkcs11-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152655030
      • AND
        • comment bind-pkcs11-utils is earlier than 32:9.9.4-51.el7_4.2
          oval oval:com.redhat.rhsa:tst:20180102029
        • comment bind-pkcs11-utils is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152655023
      • AND
        • comment bind-sdb is earlier than 32:9.9.4-51.el7_4.2
          oval oval:com.redhat.rhsa:tst:20180102005
        • comment bind-sdb is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975014
      • AND
        • comment bind-sdb-chroot is earlier than 32:9.9.4-51.el7_4.2
          oval oval:com.redhat.rhsa:tst:20180102025
        • comment bind-sdb-chroot is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20141984035
      • AND
        • comment bind-utils is earlier than 32:9.9.4-51.el7_4.2
          oval oval:com.redhat.rhsa:tst:20180102021
        • comment bind-utils is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20100975008
    rhsa
    id RHSA-2018:0102
    released 2018-01-22
    severity Important
    title RHSA-2018:0102: bind security update (Important)
  • rhsa
    id RHSA-2018:0487
  • rhsa
    id RHSA-2018:0488
rpms
  • bind-32:9.8.2-0.62.rc1.el6_9.5
  • bind-chroot-32:9.8.2-0.62.rc1.el6_9.5
  • bind-devel-32:9.8.2-0.62.rc1.el6_9.5
  • bind-libs-32:9.8.2-0.62.rc1.el6_9.5
  • bind-sdb-32:9.8.2-0.62.rc1.el6_9.5
  • bind-utils-32:9.8.2-0.62.rc1.el6_9.5
  • bind-32:9.9.4-51.el7_4.2
  • bind-chroot-32:9.9.4-51.el7_4.2
  • bind-devel-32:9.9.4-51.el7_4.2
  • bind-libs-32:9.9.4-51.el7_4.2
  • bind-libs-lite-32:9.9.4-51.el7_4.2
  • bind-license-32:9.9.4-51.el7_4.2
  • bind-lite-devel-32:9.9.4-51.el7_4.2
  • bind-pkcs11-32:9.9.4-51.el7_4.2
  • bind-pkcs11-devel-32:9.9.4-51.el7_4.2
  • bind-pkcs11-libs-32:9.9.4-51.el7_4.2
  • bind-pkcs11-utils-32:9.9.4-51.el7_4.2
  • bind-sdb-32:9.9.4-51.el7_4.2
  • bind-sdb-chroot-32:9.9.4-51.el7_4.2
  • bind-utils-32:9.9.4-51.el7_4.2
refmap via4
bid 102716
confirm
debian DSA-4089
mlist [debian-lts-announce] 20180121 [SECURITY] [DLA 1255-1] bind9 security update
sectrack 1040195
Last major update 16-01-2019 - 15:29
Published 16-01-2019 - 15:29
Last modified 11-02-2019 - 14:25
Back to Top