ID CVE-2018-5743
Summary By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -> 9.11.5-S3, and 9.11.5-S5. Versions 9.13.0 -> 9.13.7 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5743.
CVSS
Base: None
redhat via4
advisories
bugzilla
id 1702541
title CVE-2018-5743 bind: Limiting simultaneous TCP clients is ineffective
oval
AND
  • OR
    • comment Red Hat Enterprise Linux 7 Client is installed
      oval oval:com.redhat.rhba:tst:20150364001
    • comment Red Hat Enterprise Linux 7 Server is installed
      oval oval:com.redhat.rhba:tst:20150364002
    • comment Red Hat Enterprise Linux 7 Workstation is installed
      oval oval:com.redhat.rhba:tst:20150364003
    • comment Red Hat Enterprise Linux 7 ComputeNode is installed
      oval oval:com.redhat.rhba:tst:20150364004
  • OR
    • AND
      • comment bind is earlier than 32:9.9.4-74.el7_6.1
        oval oval:com.redhat.rhsa:tst:20191294015
      • comment bind is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20170651006
    • AND
      • comment bind-chroot is earlier than 32:9.9.4-74.el7_6.1
        oval oval:com.redhat.rhsa:tst:20191294025
      • comment bind-chroot is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20170651014
    • AND
      • comment bind-devel is earlier than 32:9.9.4-74.el7_6.1
        oval oval:com.redhat.rhsa:tst:20191294013
      • comment bind-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20170651016
    • AND
      • comment bind-libs is earlier than 32:9.9.4-74.el7_6.1
        oval oval:com.redhat.rhsa:tst:20191294017
      • comment bind-libs is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20170651012
    • AND
      • comment bind-libs-lite is earlier than 32:9.9.4-74.el7_6.1
        oval oval:com.redhat.rhsa:tst:20191294007
      • comment bind-libs-lite is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20171767022
    • AND
      • comment bind-license is earlier than 32:9.9.4-74.el7_6.1
        oval oval:com.redhat.rhsa:tst:20191294031
      • comment bind-license is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20171767032
    • AND
      • comment bind-lite-devel is earlier than 32:9.9.4-74.el7_6.1
        oval oval:com.redhat.rhsa:tst:20191294029
      • comment bind-lite-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20171767028
    • AND
      • comment bind-pkcs11 is earlier than 32:9.9.4-74.el7_6.1
        oval oval:com.redhat.rhsa:tst:20191294019
      • comment bind-pkcs11 is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20171767024
    • AND
      • comment bind-pkcs11-devel is earlier than 32:9.9.4-74.el7_6.1
        oval oval:com.redhat.rhsa:tst:20191294011
      • comment bind-pkcs11-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20171767030
    • AND
      • comment bind-pkcs11-libs is earlier than 32:9.9.4-74.el7_6.1
        oval oval:com.redhat.rhsa:tst:20191294021
      • comment bind-pkcs11-libs is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20171767014
    • AND
      • comment bind-pkcs11-utils is earlier than 32:9.9.4-74.el7_6.1
        oval oval:com.redhat.rhsa:tst:20191294009
      • comment bind-pkcs11-utils is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20171767010
    • AND
      • comment bind-sdb is earlier than 32:9.9.4-74.el7_6.1
        oval oval:com.redhat.rhsa:tst:20191294027
      • comment bind-sdb is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20170651010
    • AND
      • comment bind-sdb-chroot is earlier than 32:9.9.4-74.el7_6.1
        oval oval:com.redhat.rhsa:tst:20191294023
      • comment bind-sdb-chroot is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20171767016
    • AND
      • comment bind-utils is earlier than 32:9.9.4-74.el7_6.1
        oval oval:com.redhat.rhsa:tst:20191294005
      • comment bind-utils is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhba:tst:20170651008
rhsa
id RHSA-2019:1294
released 2019-05-29
severity Important
title RHSA-2019:1294: bind security update (Important)
rpms
  • bind-32:9.9.4-74.el7_6.1
  • bind-chroot-32:9.9.4-74.el7_6.1
  • bind-devel-32:9.9.4-74.el7_6.1
  • bind-libs-32:9.9.4-74.el7_6.1
  • bind-libs-lite-32:9.9.4-74.el7_6.1
  • bind-license-32:9.9.4-74.el7_6.1
  • bind-lite-devel-32:9.9.4-74.el7_6.1
  • bind-pkcs11-32:9.9.4-74.el7_6.1
  • bind-pkcs11-devel-32:9.9.4-74.el7_6.1
  • bind-pkcs11-libs-32:9.9.4-74.el7_6.1
  • bind-pkcs11-utils-32:9.9.4-74.el7_6.1
  • bind-sdb-32:9.9.4-74.el7_6.1
  • bind-sdb-chroot-32:9.9.4-74.el7_6.1
  • bind-utils-32:9.9.4-74.el7_6.1
Last major update 09-10-2019 - 12:21
Published 09-10-2019 - 12:15
Last modified 09-10-2019 - 12:21