ID CVE-2018-5740
Summary "deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.
References
Vulnerable Configurations
  • ISC BIND 9.7.0
    cpe:2.3:a:isc:bind:9.7.0
  • ISC BIND 9.7.0 Alpha 1
    cpe:2.3:a:isc:bind:9.7.0:a1
  • ISC BIND 9.7.0 Alpha 2
    cpe:2.3:a:isc:bind:9.7.0:a2
  • ISC BIND 9.7.0 Alpha 3
    cpe:2.3:a:isc:bind:9.7.0:a3
  • ISC BIND 9.7.0 Beta 1
    cpe:2.3:a:isc:bind:9.7.0:b1
  • ISC BIND 9.7.0 Beta 2
    cpe:2.3:a:isc:bind:9.7.0:b2
  • ISC BIND 9.7.0 Beta 3
    cpe:2.3:a:isc:bind:9.7.0:b3
  • ISC BIND 9.7.0 beta
    cpe:2.3:a:isc:bind:9.7.0:beta
  • ISC BIND 9.7.0 p1
    cpe:2.3:a:isc:bind:9.7.0:p1
  • ISC BIND 9.7.0 p2
    cpe:2.3:a:isc:bind:9.7.0:p2
  • ISC BIND 9.7.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.0:rc1
  • ISC BIND 9.7.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.7.0:rc2
  • ISC BIND 9.7.0a1
    cpe:2.3:a:isc:bind:9.7.0a1
  • ISC BIND 9.7.0a2
    cpe:2.3:a:isc:bind:9.7.0a2
  • ISC BIND 9.7.0a3
    cpe:2.3:a:isc:bind:9.7.0a3
  • ISC BIND 9.7.0b1
    cpe:2.3:a:isc:bind:9.7.0b1
  • ISC BIND 9.7.0b2
    cpe:2.3:a:isc:bind:9.7.0b2
  • ISC BIND 9.7.0b3
    cpe:2.3:a:isc:bind:9.7.0b3
  • ISC BIND 9.7.1
    cpe:2.3:a:isc:bind:9.7.1
  • ISC BIND 9.7.1 Beta 1
    cpe:2.3:a:isc:bind:9.7.1:b1
  • ISC BIND 9.7.1 p1
    cpe:2.3:a:isc:bind:9.7.1:p1
  • ISC BIND 9.7.1 p2
    cpe:2.3:a:isc:bind:9.7.1:p2
  • ISC BIND 9.7.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.1:rc1
  • ISC BIND 9.7.1b1
    cpe:2.3:a:isc:bind:9.7.1b1
  • ISC BIND 9.7.2
    cpe:2.3:a:isc:bind:9.7.2
  • ISC BIND 9.7.2 P1
    cpe:2.3:a:isc:bind:9.7.2:p1
  • ISC BIND 9.7.2 P2
    cpe:2.3:a:isc:bind:9.7.2:p2
  • ISC BIND 9.7.2 P3
    cpe:2.3:a:isc:bind:9.7.2:p3
  • ISC BIND 9.7.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.2:rc1
  • ISC BIND 9.7.3
    cpe:2.3:a:isc:bind:9.7.3
  • ISC BIND 9.7.3 B1
    cpe:2.3:a:isc:bind:9.7.3:b1
  • ISC BIND 9.7.3 P1
    cpe:2.3:a:isc:bind:9.7.3:p1
  • ISC BIND 9.7.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.3:rc1
  • ISC BIND 9.7.4
    cpe:2.3:a:isc:bind:9.7.4
  • ISC BIND 9.7.4 B1
    cpe:2.3:a:isc:bind:9.7.4:b1
  • ISC BIND 9.7.4P1
    cpe:2.3:a:isc:bind:9.7.4:p1
  • ISC BIND 9.7.4 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.4:rc1
  • ISC BIND 9.7.4b1
    cpe:2.3:a:isc:bind:9.7.4b1
  • ISC BIND 9.7.5
    cpe:2.3:a:isc:bind:9.7.5
  • ISC BIND 9.7.5 B1
    cpe:2.3:a:isc:bind:9.7.5:b1
  • ISC BIND 9.7.5 Release Candidate 1
    cpe:2.3:a:isc:bind:9.7.5:rc1
  • ISC BIND 9.7.5 Release Candidate 2
    cpe:2.3:a:isc:bind:9.7.5:rc2
  • ISC BIND 9.7.6
    cpe:2.3:a:isc:bind:9.7.6
  • ISC BIND 9.7.6-p1
    cpe:2.3:a:isc:bind:9.7.6:p1
  • ISC BIND 9.7.6-p2
    cpe:2.3:a:isc:bind:9.7.6:p2
  • ISC BIND 9.7.6 Patch 3
    cpe:2.3:a:isc:bind:9.7.6:p3
  • ISC BIND 9.7.6 Patch 4
    cpe:2.3:a:isc:bind:9.7.6:p4
  • ISC BIND 9.7.7
    cpe:2.3:a:isc:bind:9.7.7
  • ISC BIND 9.8.0
    cpe:2.3:a:isc:bind:9.8.0
  • ISC BIND 9.8.0 A1
    cpe:2.3:a:isc:bind:9.8.0:a1
  • ISC BIND 9.8.0 B1
    cpe:2.3:a:isc:bind:9.8.0:b1
  • ISC BIND 9.8.0 P1
    cpe:2.3:a:isc:bind:9.8.0:p1
  • ISC BIND 9.8.0 P2
    cpe:2.3:a:isc:bind:9.8.0:p2
  • ISC BIND 9.8.0-P4
    cpe:2.3:a:isc:bind:9.8.0:p4
  • ISC BIND 9.8.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.8.0:rc1
  • ISC BIND 9.8.1
    cpe:2.3:a:isc:bind:9.8.1
  • ISC BIND 9.8.1 B1
    cpe:2.3:a:isc:bind:9.8.1:b1
  • ISC BIND 9.8.1 B2
    cpe:2.3:a:isc:bind:9.8.1:b2
  • ISC BIND 9.8.1 B3
    cpe:2.3:a:isc:bind:9.8.1:b3
  • ISC BIND 9.8.1-P1
    cpe:2.3:a:isc:bind:9.8.1:p1
  • ISC BIND 9.8.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.8.1:rc1
  • ISC BIND 9.8.2
    cpe:2.3:a:isc:bind:9.8.2
  • ISC BIND 9.8.2 B1
    cpe:2.3:a:isc:bind:9.8.2:b1
  • ISC BIND 9.8.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.8.2:rc1
  • ISC BIND 9.8.2 Release Candidate 2
    cpe:2.3:a:isc:bind:9.8.2:rc2
  • ISC BIND 9.8.3
    cpe:2.3:a:isc:bind:9.8.3
  • ISC BIND 9.8.3-p1
    cpe:2.3:a:isc:bind:9.8.3:p1
  • ISC BIND 9.8.3-p2
    cpe:2.3:a:isc:bind:9.8.3:p2
  • ISC BIND 9.8.3 Patch 3
    cpe:2.3:a:isc:bind:9.8.3:p3
  • ISC BIND 9.8.3 Patch 4
    cpe:2.3:a:isc:bind:9.8.3:p4
  • ISC BIND 9.8.4
    cpe:2.3:a:isc:bind:9.8.4
  • ISC BIND 9.8.5
    cpe:2.3:a:isc:bind:9.8.5
  • ISC BIND 9.8.5 b1
    cpe:2.3:a:isc:bind:9.8.5:b1
  • ISC BIND 9.8.5 b2
    cpe:2.3:a:isc:bind:9.8.5:b2
  • ISC BIND 9.8.5 P1
    cpe:2.3:a:isc:bind:9.8.5:p1
  • ISC BIND 9.8.5 P2
    cpe:2.3:a:isc:bind:9.8.5:p2
  • ISC BIND 9.8.5 release candidate 1
    cpe:2.3:a:isc:bind:9.8.5:rc1
  • ISC BIND 9.8.5 release candidate 2
    cpe:2.3:a:isc:bind:9.8.5:rc2
  • ISC BIND 9.8.6b1
    cpe:2.3:a:isc:bind:9.8.6:b1
  • ISC BIND 9.8.6 release candidate 1
    cpe:2.3:a:isc:bind:9.8.6:rc1
  • ISC BIND 9.8.6 release candidate 2
    cpe:2.3:a:isc:bind:9.8.6:rc2
  • ISC BIND 9.9.0
    cpe:2.3:a:isc:bind:9.9.0
  • ISC BIND 9.9.0a1
    cpe:2.3:a:isc:bind:9.9.0:a1
  • ISC BIND 9.9.0a2
    cpe:2.3:a:isc:bind:9.9.0:a2
  • ISC BIND 9.9.0a3
    cpe:2.3:a:isc:bind:9.9.0:a3
  • ISC BIND 9.9.0b1
    cpe:2.3:a:isc:bind:9.9.0:b1
  • ISC BIND 9.9.0b2
    cpe:2.3:a:isc:bind:9.9.0:b2
  • ISC BIND 9.9.0 release candidate 1
    cpe:2.3:a:isc:bind:9.9.0:rc1
  • ISC BIND 9.9.0 release candidate 2
    cpe:2.3:a:isc:bind:9.9.0:rc2
  • ISC BIND 9.9.0 release candidate 3
    cpe:2.3:a:isc:bind:9.9.0:rc3
  • ISC BIND 9.9.0 release candidate 4
    cpe:2.3:a:isc:bind:9.9.0:rc4
  • ISC BIND 9.9.1
    cpe:2.3:a:isc:bind:9.9.1
  • ISC BIND 9.9.1-p1
    cpe:2.3:a:isc:bind:9.9.1:p1
  • ISC BIND 9.9.1-p2
    cpe:2.3:a:isc:bind:9.9.1:p2
  • ISC BIND 9.9.1 Patch 3
    cpe:2.3:a:isc:bind:9.9.1:p3
  • ISC BIND 9.9.1 Patch 4
    cpe:2.3:a:isc:bind:9.9.1:p4
  • ISC BIND 9.9.2
    cpe:2.3:a:isc:bind:9.9.2
  • ISC BIND 9.9.2 P1
    cpe:2.3:a:isc:bind:9.9.2:p1
  • ISC BIND 9.9.2 P2
    cpe:2.3:a:isc:bind:9.9.2:p2
  • ISC BIND 9.9.3
    cpe:2.3:a:isc:bind:9.9.3
  • ISC BIND 9.9.3 b1
    cpe:2.3:a:isc:bind:9.9.3:b1
  • ISC BIND 9.9.3 b2
    cpe:2.3:a:isc:bind:9.9.3:b2
  • ISC BIND 9.9.3p1
    cpe:2.3:a:isc:bind:9.9.3:p1
  • ISC BIND 9.9.3p2
    cpe:2.3:a:isc:bind:9.9.3:p2
  • ISC BIND 9.9.3 release candidate 1
    cpe:2.3:a:isc:bind:9.9.3:rc1
  • ISC BIND 9.9.3 release candidate 2
    cpe:2.3:a:isc:bind:9.9.3:rc2
  • ISC BIND 9.9.4b1
    cpe:2.3:a:isc:bind:9.9.4:b1
  • ISC BIND 9.9.5
    cpe:2.3:a:isc:bind:9.9.5
  • ISC BIND 9.9.6
    cpe:2.3:a:isc:bind:9.9.6
  • ISC BIND 9.9.6 p1
    cpe:2.3:a:isc:bind:9.9.6:p1
  • ISC BIND 9.9.7 b1
    cpe:2.3:a:isc:bind:9.9.7:b1
  • ISC BIND 9.9.7 Patch 1
    cpe:2.3:a:isc:bind:9.9.7:p1
  • ISC BIND 9.9.7 Release Candidate 1
    cpe:2.3:a:isc:bind:9.9.7:rc1
  • ISC BIND 9.9.7 Release Candidate 2
    cpe:2.3:a:isc:bind:9.9.7:rc2
  • ISC BIND 9.9.8
    cpe:2.3:a:isc:bind:9.9.8
  • ISC Bind 9.9.8 Patch 2
    cpe:2.3:a:isc:bind:9.9.8:p2
  • ISC BIND 9.9.8 Patch 3
    cpe:2.3:a:isc:bind:9.9.8:p3
  • ISC BIND 9.9.8 P4
    cpe:2.3:a:isc:bind:9.9.8:p4
  • ISC BIND 9.9.8 Release Candidate 1
    cpe:2.3:a:isc:bind:9.9.8:rc1
  • ISC BIND 9.9.8 S1
    cpe:2.3:a:isc:bind:9.9.8:s1
  • ISC BIND 9.9.8 Supported Preview Edition 2
    cpe:2.3:a:isc:bind:9.9.8:s2
  • ISC BIND 9.9.8 Supported Preview Edition 3
    cpe:2.3:a:isc:bind:9.9.8:s3
  • ISC BIND 9.9.8 Supported Preview Edition 4
    cpe:2.3:a:isc:bind:9.9.8:s4
  • ISC BIND 9.9.8 S5
    cpe:2.3:a:isc:bind:9.9.8:s5
  • ISC BIND 9.9.8 S6
    cpe:2.3:a:isc:bind:9.9.8:s6
  • ISC BIND 9.9.9
    cpe:2.3:a:isc:bind:9.9.9
  • ISC BIND 9.9.9 B1
    cpe:2.3:a:isc:bind:9.9.9:b1
  • ISC BIND 9.9.9 B2
    cpe:2.3:a:isc:bind:9.9.9:b2
  • ISC BIND 9.9.9 P1
    cpe:2.3:a:isc:bind:9.9.9:p1
  • ISC BIND 9.9.9 Patch 3
    cpe:2.3:a:isc:bind:9.9.9:p3
  • ISC BIND 9.9.9 Patch 4
    cpe:2.3:a:isc:bind:9.9.9:p4
  • ISC BIND 9.9.9 Release Candidate 1
    cpe:2.3:a:isc:bind:9.9.9:rc1
  • ISC BIND 9.9.9 S1
    cpe:2.3:a:isc:bind:9.9.9:s1
  • ISC BIND 9.9.9 S1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.9.9:s1rc1
  • ISC BIND 9.9.9 S6
    cpe:2.3:a:isc:bind:9.9.9:s6
  • ISC BIND 9.9.9 S7
    cpe:2.3:a:isc:bind:9.9.9:s7
  • ISC BIND 9.10.0
    cpe:2.3:a:isc:bind:9.10.0
  • ISC BIND 9.10.0 Alpha 1
    cpe:2.3:a:isc:bind:9.10.0:a1
  • ISC BIND 9.10.0 Alpha 2
    cpe:2.3:a:isc:bind:9.10.0:a2
  • ISC BIND 9.10.0 Beta 1
    cpe:2.3:a:isc:bind:9.10.0:b1
  • ISC BIND 9.10.0 Beta 2
    cpe:2.3:a:isc:bind:9.10.0:b2
  • ISC BIND 9.10.0 Patch 1
    cpe:2.3:a:isc:bind:9.10.0:p1
  • ISC BIND 9.10.0 Patch 2
    cpe:2.3:a:isc:bind:9.10.0:p2
  • ISC BIND 9.10.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.10.0:rc1
  • ISC BIND 9.10.0 Release Candidate 2
    cpe:2.3:a:isc:bind:9.10.0:rc2
  • ISC BIND 9.10.1
    cpe:2.3:a:isc:bind:9.10.1
  • ISC BIND 9.10.1 Beta 1
    cpe:2.3:a:isc:bind:9.10.1:b1
  • ISC BIND 9.10.1 Beta 2
    cpe:2.3:a:isc:bind:9.10.1:b2
  • ISC BIND 9.10.1 p1
    cpe:2.3:a:isc:bind:9.10.1:p1
  • ISC BIND 9.10.1 Patch 2
    cpe:2.3:a:isc:bind:9.10.1:p2
  • ISC BIND 9.10.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.10.1:rc1
  • ISC BIND 9.10.1 Release Candidate 2
    cpe:2.3:a:isc:bind:9.10.1:rc2
  • ISC BIND 9.10.2
    cpe:2.3:a:isc:bind:9.10.2
  • ISC BIND 9.10.2 b2
    cpe:2.3:a:isc:bind:9.10.2:b1
  • ISC BIND 9.10.2 P1
    cpe:2.3:a:isc:bind:9.10.2:p1
  • ISC BIND 9.10.2 Patch 2
    cpe:2.3:a:isc:bind:9.10.2:p2
  • ISC BIND 9.10.2 P3
    cpe:2.3:a:isc:bind:9.10.2:p3
  • ISC BIND 9.10.2 P4
    cpe:2.3:a:isc:bind:9.10.2:p4
  • ISC BIND 9.10.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.10.2:rc1
  • ISC BIND 9.10.2 Release Candidate 2
    cpe:2.3:a:isc:bind:9.10.2:rc2
  • ISC BIND 9.10.3
    cpe:2.3:a:isc:bind:9.10.3
  • ISC BIND 9.10.3 Beta 1
    cpe:2.3:a:isc:bind:9.10.3:b1
  • ISC Bind 9.10.3 Patch 1
    cpe:2.3:a:isc:bind:9.10.3:p1
  • ISC Bind 9.10.3 Patch 2
    cpe:2.3:a:isc:bind:9.10.3:p2
  • ISC BIND 9.10.3 Patch 3
    cpe:2.3:a:isc:bind:9.10.3:p3
  • ISC BIND 9.10.3 P4
    cpe:2.3:a:isc:bind:9.10.3:p4
  • ISC BIND 9.10.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.10.3:rc1
  • ISC BIND 9.10.4
    cpe:2.3:a:isc:bind:9.10.4
  • ISC BIND 9.10.4 Beta 1
    cpe:2.3:a:isc:bind:9.10.4:b1
  • ISC BIND 9.10.4 B2
    cpe:2.3:a:isc:bind:9.10.4:b2
  • ISC BIND 9.10.4 B3
    cpe:2.3:a:isc:bind:9.10.4:b3
  • ISC BIND 9.10.4 Patch 1
    cpe:2.3:a:isc:bind:9.10.4:p1
  • ISC BIND 9.10.4 Patch 2
    cpe:2.3:a:isc:bind:9.10.4:p2
  • ISC BIND 9.10.4 Patch 3
    cpe:2.3:a:isc:bind:9.10.4:p3
  • ISC BIND 9.10.4 Patch 4
    cpe:2.3:a:isc:bind:9.10.4:p4
  • ISC BIND 9.10.4 Patch 5
    cpe:2.3:a:isc:bind:9.10.4:p5
  • ISC BIND 9.10.4 Patch 6
    cpe:2.3:a:isc:bind:9.10.4:p6
  • ISC BIND 9.10.4 Patch 8
    cpe:2.3:a:isc:bind:9.10.4:p8
  • ISC BIND 9.10.4 Release Candidate 1
    cpe:2.3:a:isc:bind:9.10.4:rc1
  • ISC BIND 9.10.5
    cpe:2.3:a:isc:bind:9.10.5
  • ISC BIND 9.10.5 Beta 1
    cpe:2.3:a:isc:bind:9.10.5:b1
  • ISC BIND 9.10.5 Patch 1
    cpe:2.3:a:isc:bind:9.10.5:p1
  • ISC BIND 9.10.5 Patch 2
    cpe:2.3:a:isc:bind:9.10.5:p2
  • ISC BIND 9.10.5 Patch 3
    cpe:2.3:a:isc:bind:9.10.5:p3
  • ISC BIND 9.10.5 Release Candidate 1
    cpe:2.3:a:isc:bind:9.10.5:rc1
  • ISC BIND 9.10.5 Release Candidate 3
    cpe:2.3:a:isc:bind:9.10.5:rc3
  • ISC BIND 9.10.6
    cpe:2.3:a:isc:bind:9.10.6
  • ISC BIND 9.10.6 Beta 1
    cpe:2.3:a:isc:bind:9.10.6:b1
  • ISC BIND 9.10.6 Patch 1
    cpe:2.3:a:isc:bind:9.10.6:p1
  • ISC BIND 9.10.6 Release Candidate 1
    cpe:2.3:a:isc:bind:9.10.6:rc1
  • ISC BIND 9.10.6 Release Candidate 2
    cpe:2.3:a:isc:bind:9.10.6:rc2
  • ISC BIND 9.10.7
    cpe:2.3:a:isc:bind:9.10.7
  • ISC BIND 9.10.7 Beta 1
    cpe:2.3:a:isc:bind:9.10.7:b1
  • ISC BIND 9.10.7 Release Candidate 1
    cpe:2.3:a:isc:bind:9.10.7:rc1
  • ISC BIND 9.10.7 Release Candidate 2
    cpe:2.3:a:isc:bind:9.10.7:rc2
  • ISC BIND 9.11.0
    cpe:2.3:a:isc:bind:9.11.0
  • ISC BIND 9.11.0 Alpha 1
    cpe:2.3:a:isc:bind:9.11.0:a1
  • ISC BIND 9.11.0 Alpha 2
    cpe:2.3:a:isc:bind:9.11.0:a2
  • ISC BIND 9.11.0 Alpha 3
    cpe:2.3:a:isc:bind:9.11.0:a3
  • ISC BIND 9.11.0 Beta 1
    cpe:2.3:a:isc:bind:9.11.0:b1
  • ISC BIND 9.11.0 Beta 2
    cpe:2.3:a:isc:bind:9.11.0:b2
  • ISC BIND 9.11.0 Beta 3
    cpe:2.3:a:isc:bind:9.11.0:b3
  • ISC BIND 9.11.0 Patch 1
    cpe:2.3:a:isc:bind:9.11.0:p1
  • ISC BIND 9.11.0 Patch 2
    cpe:2.3:a:isc:bind:9.11.0:p2
  • ISC BIND 9.11.0 Patch 3
    cpe:2.3:a:isc:bind:9.11.0:p3
  • ISC BIND 9.11.0 Patch 5
    cpe:2.3:a:isc:bind:9.11.0:p5
  • ISC BIND 9.11.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.11.0:rc1
  • ISC BIND 9.11.0 Release Candidate 3
    cpe:2.3:a:isc:bind:9.11.0:rc3
  • ISC BIND 9.11.1
    cpe:2.3:a:isc:bind:9.11.1
  • ISC BIND 9.11.1 Beta 1
    cpe:2.3:a:isc:bind:9.11.1:b1
  • ISC BIND 9.11.1 Patch 3
    cpe:2.3:a:isc:bind:9.11.1:p3
  • ISC BIND 9.11.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.11.1:rc1
  • ISC BIND 9.11.1 Release Candidate 3
    cpe:2.3:a:isc:bind:9.11.1:rc3
  • ISC BIND 9.11.2
    cpe:2.3:a:isc:bind:9.11.2
  • ISC BIND 9.11.2 Beta 1
    cpe:2.3:a:isc:bind:9.11.2:b1
  • ISC BIND 9.11.2 Patch 1
    cpe:2.3:a:isc:bind:9.11.2:p1
  • ISC BIND 9.11.2 Release Candidate 1
    cpe:2.3:a:isc:bind:9.11.2:rc1
  • ISC BIND 9.11.2 Release Candidate 2
    cpe:2.3:a:isc:bind:9.11.2:rc2
  • ISC BIND 9.11.3
    cpe:2.3:a:isc:bind:9.11.3
  • ISC BIND 9.11.3 Beta 1
    cpe:2.3:a:isc:bind:9.11.3:b1
  • ISC BIND 9.11.3 Release Candidate 1
    cpe:2.3:a:isc:bind:9.11.3:rc1
  • ISC BIND 9.11.3 Release Candidate 2
    cpe:2.3:a:isc:bind:9.11.3:rc2
  • ISC BIND 9.12.0
    cpe:2.3:a:isc:bind:9.12.0
  • ISC BIND 9.12.0 Alpha 1
    cpe:2.3:a:isc:bind:9.12.0:a1
  • ISC BIND 9.12.0 Beta 1
    cpe:2.3:a:isc:bind:9.12.0:b1
  • ISC BIND 9.12.0 Beta 2
    cpe:2.3:a:isc:bind:9.12.0:b2
  • ISC BIND 9.12.0 Release Candidate 1
    cpe:2.3:a:isc:bind:9.12.0:rc1
  • ISC BIND 9.12.0 Release Candidate 3
    cpe:2.3:a:isc:bind:9.12.0:rc3
  • ISC BIND 9.12.1
    cpe:2.3:a:isc:bind:9.12.1
  • ISC BIND 9.12.1 Beta 1
    cpe:2.3:a:isc:bind:9.12.1:b1
  • ISC BIND 9.12.1 Release Candidate 1
    cpe:2.3:a:isc:bind:9.12.1:rc1
  • ISC BIND 9.12.1 Release Candidate 2
    cpe:2.3:a:isc:bind:9.12.1:rc2
  • ISC BIND 9.13.0
    cpe:2.3:a:isc:bind:9.13.0
  • ISC BIND 9.13.1
    cpe:2.3:a:isc:bind:9.13.1
  • Red Hat Enterprise Linux Desktop 6.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:6.0
  • RedHat Enterprise Linux Desktop 7.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
  • Red Hat Enterprise Linux Server 6.0
    cpe:2.3:o:redhat:enterprise_linux_server:6.0
  • RedHat Enterprise Linux Server 7.0
    cpe:2.3:o:redhat:enterprise_linux_server:7.0
  • Red Hat Enterprise Linux Server Advanced mission critical Update Support (AUS) 7.6
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6
  • Red Hat Enterprise Linux Server Extended Update Support (EUS) 7.5
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5
  • Red Hat Enterprise Linux Server Extended Update Support (EUS) 7.6
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6
  • Red Hat Enterprise Linux Workstation 6.0
    cpe:2.3:o:redhat:enterprise_linux_workstation:6.0
  • RedHat Enterprise Linux Workstation 7.0
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0
  • Debian Linux 8.0 (Jessie)
    cpe:2.3:o:debian:debian_linux:8.0
  • cpe:2.3:a:netapp:data_ontap_edge
    cpe:2.3:a:netapp:data_ontap_edge
  • Canonical Ubuntu Linux 12.04 ESM (Extended Security Maintenance)
    cpe:2.3:o:canonical:ubuntu_linux:12.04:-:-:-:esm
  • Canonical Ubuntu Linux 14.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:14.04:-:-:-:lts
  • Canonical Ubuntu Linux 16.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:16.04:-:-:-:lts
  • Canonical Ubuntu Linux 18.04 LTS Edition
    cpe:2.3:o:canonical:ubuntu_linux:18.04:-:-:-:lts
CVSS
Base: 5.0
Impact:
Exploitability:
CWE CWE-617
CAPEC
nessus via4
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2018-0252.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Fix (CVE-2018-5740) - Fix (CVE-2017-3145) - Change EDNS flags only after successful query (#1416035) - Fix crash in ldap driver at bind-sdb stop (#1426626) - Fix (CVE-2017-3142, CVE-2017-3143) - Update root servers and trust anchors - Fix DNSKEY that encountered a CNAME (#1447872, ISC change 3391) - Fix CVE-2017-3136 (ISC change 4575) - Fix CVE-2017-3137 (ISC change 4578)
    last seen 2019-02-21
    modified 2019-02-12
    plugin id 112170
    published 2018-08-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=112170
    title OracleVM 3.3 / 3.4 : bind (OVMSA-2018-0252)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2018-2571.NASL
    description From Red Hat Security Advisory 2018:2571 : An update for bind is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * bind: processing of certain records when 'deny-answer-aliases' is in use may trigger an assert leading to a denial of service (CVE-2018-5740) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tony Finch (University of Cambridge) as the original reporter.
    last seen 2019-02-21
    modified 2019-02-14
    plugin id 112130
    published 2018-08-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=112130
    title Oracle Linux 6 : bind (ELSA-2018-2571)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2018-1328.NASL
    description According to the version of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A denial of service flaw was discovered in bind versions that include the 'deny-answer-aliases' feature. This flaw may allow a remote attacker to trigger an INSIST assert in named leading to termination of the process and a denial of service condition.(CVE-2018-5740) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-19
    plugin id 118416
    published 2018-10-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118416
    title EulerOS Virtualization 2.5.1 : bind (EulerOS-SA-2018-1328)
  • NASL family DNS
    NASL id BIND9_9122_P1.NASL
    description According to its self-reported version number, the instance of ISC BIND running on the remote name server is 9.x.x prior to 9.9.13-P1, 9.10.x prior to 9.10.8-P1, 9.11.x prior to 9.11.4-P1, or 9.12.x prior to 9.12.2-P1. It is, therefore, affected by a denial of service vulnerability in the deny-answer-aliases feature.
    last seen 2019-02-21
    modified 2018-12-07
    plugin id 111790
    published 2018-08-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111790
    title ISC BIND 9.x.x < 9.9.13-P1 / 9.10.x < 9.10.8-P1 / 9.11.x < 9.11.4-P1 / 9.12.x < 9.12.2-P1 deny-answer-aliases DoS Vulnerability
  • NASL family Junos Local Security Checks
    NASL id JUNIPER_SPACE_JSA10917_184R1.NASL
    description According to its self-reported version number, the remote Junos Space version is 18.4.x prior to 18.4R1. It is, therefore, affected by multiple vulnerabilities : - An integer overflow issue exists in procps-ng. This is related to CVE-2018-1124. (CVE-2018-1126) - A directory traversal issue exits in reposync, a part of yum-utils.tory configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. (CVE-2018-10897) - An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID binary could use this flaw to escalate their privileges on the system. (CVE-2018-14634) Additionally, Junos Space is affected by several other vulnerabilities exist as noted in the vendor advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2019-01-10
    plugin id 121068
    published 2019-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121068
    title Juniper Junos Space 18.4.x < 18.4R1 Multiple Vulnerabilities (JSA10917)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-1485.NASL
    description CVE-2018-5740 The 'deny-answer-aliases' feature in BIND has a flaw which can cause named to exit with an assertion failure. For Debian 8 'Jessie', this problem has been fixed in version 1:9.9.5.dfsg-9+deb8u16. We recommend that you upgrade your bind9 packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-14
    plugin id 112197
    published 2018-08-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=112197
    title Debian DLA-1485-1 : bind9 security update
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-90F8FBD58E.NASL
    description Update to 9.11.4-P1 - Fixes CVE-2018-5738 - Adds root key sentinel mechanism support - incremental zone transfer limit to prevent journal corruption - rndc reload memory leak Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-22
    modified 2019-02-21
    plugin id 112068
    published 2018-08-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=112068
    title Fedora 27 : 32:bind (2018-90f8fbd58e)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-2571.NASL
    description An update for bind is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * bind: processing of certain records when 'deny-answer-aliases' is in use may trigger an assert leading to a denial of service (CVE-2018-5740) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tony Finch (University of Cambridge) as the original reporter.
    last seen 2019-02-21
    modified 2019-02-14
    plugin id 112134
    published 2018-08-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=112134
    title RHEL 6 : bind (RHSA-2018:2571)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2018-1281.NASL
    description According to the version of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A denial of service flaw was discovered in bind versions that include the 'deny-answer-aliases' feature. This flaw may allow a remote attacker to trigger an INSIST assert in named leading to termination of the process and a denial of service condition.(CVE-2018-5740) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-19
    plugin id 117725
    published 2018-09-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=117725
    title EulerOS 2.0 SP2 : bind (EulerOS-SA-2018-1281)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2018-1282.NASL
    description According to the version of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A denial of service flaw was discovered in bind versions that include the 'deny-answer-aliases' feature. This flaw may allow a remote attacker to trigger an INSIST assert in named leading to termination of the process and a denial of service condition.(CVE-2018-5740) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-19
    plugin id 117726
    published 2018-09-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=117726
    title EulerOS 2.0 SP3 : bind (EulerOS-SA-2018-1282)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20180827_BIND_ON_SL6_X.NASL
    description Security Fix(es) : - bind: processing of certain records when 'deny-answer-aliases' is in use may trigger an assert leading to a denial of service (CVE-2018-5740)
    last seen 2019-02-21
    modified 2019-02-14
    plugin id 112135
    published 2018-08-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=112135
    title Scientific Linux Security Update : bind on SL6.x i386/x86_64
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2018-222-01.NASL
    description New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
    last seen 2019-02-15
    modified 2019-02-14
    plugin id 111660
    published 2018-08-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111660
    title Slackware 14.0 / 14.1 / 14.2 / current : bind (SSA:2018-222-01)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2018-2570.NASL
    description From Red Hat Security Advisory 2018:2570 : An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * bind: processing of certain records when 'deny-answer-aliases' is in use may trigger an assert leading to a denial of service (CVE-2018-5740) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tony Finch (University of Cambridge) as the original reporter.
    last seen 2019-02-21
    modified 2019-02-14
    plugin id 112129
    published 2018-08-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=112129
    title Oracle Linux 7 : bind (ELSA-2018-2570)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2018-1343.NASL
    description According to the version of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A denial of service flaw was discovered in bind versions that include the 'deny-answer-aliases' feature. This flaw may allow a remote attacker to trigger an INSIST assert in named leading to termination of the process and a denial of service condition.(CVE-2018-5740) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-19
    plugin id 118431
    published 2018-10-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118431
    title EulerOS Virtualization 2.5.0 : bind (EulerOS-SA-2018-1343)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3769-1.NASL
    description It was discovered that Bind incorrectly handled the deny-answer-aliases feature. If this feature is enabled, a remote attacker could use this issue to cause Bind to crash, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-14
    plugin id 117630
    published 2018-09-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=117630
    title Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : bind9 vulnerability (USN-3769-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-2570.NASL
    description An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * bind: processing of certain records when 'deny-answer-aliases' is in use may trigger an assert leading to a denial of service (CVE-2018-5740) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tony Finch (University of Cambridge) as the original reporter.
    last seen 2019-02-21
    modified 2019-02-14
    plugin id 112133
    published 2018-08-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=112133
    title RHEL 7 : bind (RHSA-2018:2570)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20180827_BIND_ON_SL7_X.NASL
    description Security Fix(es) : - bind: processing of certain records when 'deny-answer-aliases' is in use may trigger an assert leading to a denial of service (CVE-2018-5740)
    last seen 2019-02-21
    modified 2019-02-14
    plugin id 112136
    published 2018-08-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=112136
    title Scientific Linux Security Update : bind on SL7.x x86_64
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2018-1082.NASL
    description A denial of service flaw was discovered in bind versions that include the 'deny-answer-aliases' feature. This flaw may allow a remote attacker to trigger an INSIST assert in named leading to termination of the process and a denial of service condition.(CVE-2018-5740)
    last seen 2019-02-21
    modified 2019-02-14
    plugin id 117606
    published 2018-09-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=117606
    title Amazon Linux AMI : bind (ALAS-2018-1082)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2018-2571.NASL
    description An update for bind is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * bind: processing of certain records when 'deny-answer-aliases' is in use may trigger an assert leading to a denial of service (CVE-2018-5740) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tony Finch (University of Cambridge) as the original reporter.
    last seen 2019-02-21
    modified 2019-02-14
    plugin id 112165
    published 2018-08-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=112165
    title CentOS 6 : bind (CESA-2018:2571)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-5417CA3713.NASL
    description Update to last security release - Fixes CVE-2018-5738 - Adds root key sentinel mechanism support - incremental zone transfer limit to prevent journal corruption - rndc reload memory leak Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-22
    modified 2019-02-21
    plugin id 120429
    published 2019-01-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120429
    title Fedora 28 : 32:bind (2018-5417ca3713)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2018-2570.NASL
    description An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es) : * bind: processing of certain records when 'deny-answer-aliases' is in use may trigger an assert leading to a denial of service (CVE-2018-5740) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Tony Finch (University of Cambridge) as the original reporter.
    last seen 2019-02-21
    modified 2019-02-14
    plugin id 112164
    published 2018-08-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=112164
    title CentOS 7 : bind (CESA-2018:2570)
  • NASL family Amazon Linux Local Security Checks
    NASL id AL2_ALAS-2018-1082.NASL
    description A denial of service flaw was discovered in bind versions that include the 'deny-answer-aliases' feature. This flaw may allow a remote attacker to trigger an INSIST assert in named leading to termination of the process and a denial of service condition.(CVE-2018-5740)
    last seen 2019-02-21
    modified 2019-02-14
    plugin id 117710
    published 2018-09-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=117710
    title Amazon Linux 2 : bind (ALAS-2018-1082)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL98528405.NASL
    description A flaw in the 'deny-answer-aliases' feature can cause an INSIST assertion failure in named. (CVE-2018-5740) Impact A flaw in a rarely used BIND feature can cause an assertion failure in named . As a result, the bind process restarts.
    last seen 2019-02-21
    modified 2019-02-14
    plugin id 118724
    published 2018-11-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118724
    title F5 Networks BIG-IP : BIG-IP BIND vulnerability (K98528405)
redhat via4
advisories
  • bugzilla
    id 1613595
    title is in use may trigger an assert leading to a denial of service
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhba:tst:20150364001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhba:tst:20150364002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhba:tst:20150364003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20150364004
    • OR
      • AND
        • comment bind is earlier than 32:9.9.4-61.el7_5.1
          oval oval:com.redhat.rhsa:tst:20182570017
        • comment bind is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651006
      • AND
        • comment bind-chroot is earlier than 32:9.9.4-61.el7_5.1
          oval oval:com.redhat.rhsa:tst:20182570015
        • comment bind-chroot is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651014
      • AND
        • comment bind-devel is earlier than 32:9.9.4-61.el7_5.1
          oval oval:com.redhat.rhsa:tst:20182570009
        • comment bind-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651016
      • AND
        • comment bind-libs is earlier than 32:9.9.4-61.el7_5.1
          oval oval:com.redhat.rhsa:tst:20182570007
        • comment bind-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651012
      • AND
        • comment bind-libs-lite is earlier than 32:9.9.4-61.el7_5.1
          oval oval:com.redhat.rhsa:tst:20182570027
        • comment bind-libs-lite is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20171767022
      • AND
        • comment bind-license is earlier than 32:9.9.4-61.el7_5.1
          oval oval:com.redhat.rhsa:tst:20182570031
        • comment bind-license is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20171767032
      • AND
        • comment bind-lite-devel is earlier than 32:9.9.4-61.el7_5.1
          oval oval:com.redhat.rhsa:tst:20182570019
        • comment bind-lite-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20171767028
      • AND
        • comment bind-pkcs11 is earlier than 32:9.9.4-61.el7_5.1
          oval oval:com.redhat.rhsa:tst:20182570005
        • comment bind-pkcs11 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20171767024
      • AND
        • comment bind-pkcs11-devel is earlier than 32:9.9.4-61.el7_5.1
          oval oval:com.redhat.rhsa:tst:20182570021
        • comment bind-pkcs11-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20171767030
      • AND
        • comment bind-pkcs11-libs is earlier than 32:9.9.4-61.el7_5.1
          oval oval:com.redhat.rhsa:tst:20182570029
        • comment bind-pkcs11-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20171767014
      • AND
        • comment bind-pkcs11-utils is earlier than 32:9.9.4-61.el7_5.1
          oval oval:com.redhat.rhsa:tst:20182570013
        • comment bind-pkcs11-utils is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20171767010
      • AND
        • comment bind-sdb is earlier than 32:9.9.4-61.el7_5.1
          oval oval:com.redhat.rhsa:tst:20182570025
        • comment bind-sdb is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651010
      • AND
        • comment bind-sdb-chroot is earlier than 32:9.9.4-61.el7_5.1
          oval oval:com.redhat.rhsa:tst:20182570023
        • comment bind-sdb-chroot is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20171767016
      • AND
        • comment bind-utils is earlier than 32:9.9.4-61.el7_5.1
          oval oval:com.redhat.rhsa:tst:20182570011
        • comment bind-utils is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651008
    rhsa
    id RHSA-2018:2570
    released 2018-08-27
    severity Important
    title RHSA-2018:2570: bind security update (Important)
  • bugzilla
    id 1613595
    title is in use may trigger an assert leading to a denial of service
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    • OR
      • AND
        • comment bind is earlier than 32:9.8.2-0.68.rc1.el6_10.1
          oval oval:com.redhat.rhsa:tst:20182571007
        • comment bind is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651006
      • AND
        • comment bind-chroot is earlier than 32:9.8.2-0.68.rc1.el6_10.1
          oval oval:com.redhat.rhsa:tst:20182571011
        • comment bind-chroot is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651014
      • AND
        • comment bind-devel is earlier than 32:9.8.2-0.68.rc1.el6_10.1
          oval oval:com.redhat.rhsa:tst:20182571009
        • comment bind-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651016
      • AND
        • comment bind-libs is earlier than 32:9.8.2-0.68.rc1.el6_10.1
          oval oval:com.redhat.rhsa:tst:20182571013
        • comment bind-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651012
      • AND
        • comment bind-sdb is earlier than 32:9.8.2-0.68.rc1.el6_10.1
          oval oval:com.redhat.rhsa:tst:20182571005
        • comment bind-sdb is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651010
      • AND
        • comment bind-utils is earlier than 32:9.8.2-0.68.rc1.el6_10.1
          oval oval:com.redhat.rhsa:tst:20182571015
        • comment bind-utils is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20170651008
    rhsa
    id RHSA-2018:2571
    released 2018-08-27
    severity Important
    title RHSA-2018:2571: bind security update (Important)
rpms
  • bind-32:9.9.4-61.el7_5.1
  • bind-chroot-32:9.9.4-61.el7_5.1
  • bind-devel-32:9.9.4-61.el7_5.1
  • bind-libs-32:9.9.4-61.el7_5.1
  • bind-libs-lite-32:9.9.4-61.el7_5.1
  • bind-license-32:9.9.4-61.el7_5.1
  • bind-lite-devel-32:9.9.4-61.el7_5.1
  • bind-pkcs11-32:9.9.4-61.el7_5.1
  • bind-pkcs11-devel-32:9.9.4-61.el7_5.1
  • bind-pkcs11-libs-32:9.9.4-61.el7_5.1
  • bind-pkcs11-utils-32:9.9.4-61.el7_5.1
  • bind-sdb-32:9.9.4-61.el7_5.1
  • bind-sdb-chroot-32:9.9.4-61.el7_5.1
  • bind-utils-32:9.9.4-61.el7_5.1
  • bind-32:9.8.2-0.68.rc1.el6_10.1
  • bind-chroot-32:9.8.2-0.68.rc1.el6_10.1
  • bind-devel-32:9.8.2-0.68.rc1.el6_10.1
  • bind-libs-32:9.8.2-0.68.rc1.el6_10.1
  • bind-sdb-32:9.8.2-0.68.rc1.el6_10.1
  • bind-utils-32:9.8.2-0.68.rc1.el6_10.1
refmap via4
bid 105055
confirm
gentoo GLSA-201903-13
mlist [debian-lts-announce] 20180830 [SECURITY] [DLA 1485-1] bind9 security update
sectrack 1041436
ubuntu
  • USN-3769-1
  • USN-3769-2
Last major update 16-01-2019 - 15:29
Published 16-01-2019 - 15:29
Last modified 02-10-2019 - 20:03
Back to Top