ID CVE-2018-5737
Summary A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. Additionally, problematic interaction between the serve-stale feature and NSEC aggressive negative caching can in some cases cause undesirable behavior from named, such as a recursion loop or excessive logging. Deliberate exploitation of this condition could cause operational problems depending on the particular manifestation -- either degradation or denial of service. Affects BIND 9.12.0 and 9.12.1.
References
Vulnerable Configurations
  • cpe:2.3:a:isc:bind:9.12.0:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:isc:bind:9.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:isc:bind:9.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*
    cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 09-10-2019 - 23:41)
Impact:
Exploitability:
CWE CWE-617
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bid 104236
confirm
sectrack 1040942
Last major update 09-10-2019 - 23:41
Published 16-01-2019 - 20:29
Back to Top