Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-5740 (GCVE-0-2018-5740)
Vulnerability from cvelistv5 – Published: 2019-01-16 20:00 – Updated: 2024-09-16 17:58
VLAI?
EPSS
Title
A flaw in the "deny-answer-aliases" feature can cause an assertion failure in named
Summary
"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.
Severity ?
7.5 (High)
CWE
- Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients.
- Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients. Only servers which have explicitly enabled the "deny-answer-aliases" feature are at risk and disabling the feature prevents exploitation.
Assigner
References
14 references
Impacted products
Date Public ?
2018-08-08 00:00
Credits
ISC would like to thank Tony Finch of the University of Cambridge for reporting this issue.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:40:51.365Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105055",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105055"
},
{
"name": "[debian-lts-announce] 20180830 [SECURITY] [DLA 1485-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html"
},
{
"name": "RHSA-2018:2570",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2570"
},
{
"name": "RHSA-2018:2571",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2571"
},
{
"name": "USN-3769-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3769-2/"
},
{
"name": "1041436",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041436"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0003/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.isc.org/docs/aa-01639"
},
{
"name": "USN-3769-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3769-1/"
},
{
"name": "GLSA-201903-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201903-13"
},
{
"name": "openSUSE-SU-2019:1533",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html"
},
{
"name": "openSUSE-SU-2019:1532",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us"
},
{
"name": "[debian-lts-announce] 20211102 [SECURITY] [DLA 2807-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BIND 9",
"vendor": "ISC",
"versions": [
{
"status": "affected",
"version": "BIND 9 9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "Only servers which have explicitly enabled the \"deny-answer-aliases\" feature are at risk and disabling the feature prevents exploitation."
}
],
"credits": [
{
"lang": "en",
"value": "ISC would like to thank Tony Finch of the University of Cambridge for reporting this issue."
}
],
"datePublic": "2018-08-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "\"deny-answer-aliases\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients.",
"lang": "en",
"type": "text"
},
{
"description": "Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients. Only servers which have explicitly enabled the \"deny-answer-aliases\" feature are at risk and disabling the feature prevents exploitation.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-02T03:06:16.000Z",
"orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"shortName": "isc"
},
"references": [
{
"name": "105055",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105055"
},
{
"name": "[debian-lts-announce] 20180830 [SECURITY] [DLA 1485-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html"
},
{
"name": "RHSA-2018:2570",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2570"
},
{
"name": "RHSA-2018:2571",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2571"
},
{
"name": "USN-3769-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3769-2/"
},
{
"name": "1041436",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041436"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0003/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.isc.org/docs/aa-01639"
},
{
"name": "USN-3769-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3769-1/"
},
{
"name": "GLSA-201903-13",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201903-13"
},
{
"name": "openSUSE-SU-2019:1533",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html"
},
{
"name": "openSUSE-SU-2019:1532",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us"
},
{
"name": "[debian-lts-announce] 20211102 [SECURITY] [DLA 2807-1] bind9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html"
}
],
"solutions": [
{
"lang": "en",
"value": "Most operators will not need to make any changes unless they are using the \"deny-answer-aliases\" feature (which is described in the BIND 9 Adminstrator Reference Manual section 6.2.) \"deny-answer-aliases\" is off by default; only configurations which explicitly enable it can be affected by this defect.\n\nIf you are using \"deny-answer-aliases\", upgrade to the patched release most closely related to your current version of BIND.\n\n 9.9.13-P1\n 9.10.8-P1\n 9.11.4-P1\n 9.12.2-P1\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n 9.11.3-S3"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "A flaw in the \"deny-answer-aliases\" feature can cause an assertion failure in named",
"workarounds": [
{
"lang": "en",
"value": "This vulnerability can be avoided by disabling the \"deny-answer-aliases\" feature if it is in use."
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2018-08-08T08:00:00.000Z",
"ID": "CVE-2018-5740",
"STATE": "PUBLIC",
"TITLE": "A flaw in the \"deny-answer-aliases\" feature can cause an assertion failure in named"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_name": "BIND 9",
"version_value": "9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "Only servers which have explicitly enabled the \"deny-answer-aliases\" feature are at risk and disabling the feature prevents exploitation."
}
],
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Tony Finch of the University of Cambridge for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "\"deny-answer-aliases\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients."
},
{
"lang": "eng",
"value": "Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients. Only servers which have explicitly enabled the \"deny-answer-aliases\" feature are at risk and disabling the feature prevents exploitation."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105055",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105055"
},
{
"name": "[debian-lts-announce] 20180830 [SECURITY] [DLA 1485-1] bind9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html"
},
{
"name": "RHSA-2018:2570",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2570"
},
{
"name": "RHSA-2018:2571",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2571"
},
{
"name": "USN-3769-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3769-2/"
},
{
"name": "1041436",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041436"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180926-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180926-0003/"
},
{
"name": "https://kb.isc.org/docs/aa-01639",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01639"
},
{
"name": "USN-3769-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3769-1/"
},
{
"name": "GLSA-201903-13",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201903-13"
},
{
"name": "openSUSE-SU-2019:1533",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html"
},
{
"name": "openSUSE-SU-2019:1532",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us"
},
{
"name": "[debian-lts-announce] 20211102 [SECURITY] [DLA 2807-1] bind9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "Most operators will not need to make any changes unless they are using the \"deny-answer-aliases\" feature (which is described in the BIND 9 Adminstrator Reference Manual section 6.2.) \"deny-answer-aliases\" is off by default; only configurations which explicitly enable it can be affected by this defect.\n\nIf you are using \"deny-answer-aliases\", upgrade to the patched release most closely related to your current version of BIND.\n\n 9.9.13-P1\n 9.10.8-P1\n 9.11.4-P1\n 9.12.2-P1\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n 9.11.3-S3"
}
],
"source": {
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "This vulnerability can be avoided by disabling the \"deny-answer-aliases\" feature if it is in use."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
"assignerShortName": "isc",
"cveId": "CVE-2018-5740",
"datePublished": "2019-01-16T20:00:00.000Z",
"dateReserved": "2018-01-17T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:58:43.029Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2018-5740",
"date": "2026-05-24",
"epss": "0.6453",
"percentile": "0.98474"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.7.0\", \"versionEndExcluding\": \"9.8.8\", \"matchCriteriaId\": \"DCCA7B30-3344-4718-8B34-FE60CCE4487C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.9.0\", \"versionEndExcluding\": \"9.9.13\", \"matchCriteriaId\": \"7F17A1AB-48E7-48B7-97CC-BD270649F856\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.10.0\", \"versionEndExcluding\": \"9.10.8\", \"matchCriteriaId\": \"EF340133-E86A-4A6D-9775-E66B46829700\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.11.0\", \"versionEndExcluding\": \"9.11.4\", \"matchCriteriaId\": \"94AD1D77-45DD-49F2-AA16-6E3A3BF8F5C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.12.0\", \"versionEndExcluding\": \"9.12.2\", \"matchCriteriaId\": \"5464FDED-E02B-486F-8699-CB7B9D623A59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.13.0\", \"versionEndExcluding\": \"9.13.2\", \"matchCriteriaId\": \"0484A7C1-5E99-49A6-BE21-BB201D2D0EFA\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33C068A4-3780-4EAB-A937-6082DF847564\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9BBCD86A-E6C7-4444-9D74-F861084090F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51EF4996-72F4-4FA4-814F-F5991E7A8318\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B353CE99-D57C-465B-AAB0-73EF581127D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF77CDCF-B9C9-427D-B2BF-36650FB2148C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*\", \"matchCriteriaId\": \"8D305F7A-D159-4716-AB26-5E38BB5CD991\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"B5A6F2F3-4894-4392-8296-3B8DD2679084\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F480AA32-841A-4E68-9343-B2E7548B0A0C\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1E78106-58E6-4D59-990F-75DA575BFAD9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B620311B-34A3-48A6-82DF-6F078D7A4493\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"\\\"deny-answer-aliases\\\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2.\"}, {\"lang\": \"es\", \"value\": \"\\\"deny-answer-aliases\\\" es una caracter\\u00edstica poco utilizada que pretende ayudar a los operadores recursivos del servidor a proteger a los usuarios finales contra ataques de reenlace DNS, un m\\u00e9todo para poder eludir el modelo de seguridad empleado por los navegadores del cliente. Sin embargo, un defecto en esta caracter\\u00edstica hace que sea sencillo experimentar un fallo de aserci\\u00f3n en name.c. Afecta a BIND desde la versi\\u00f3n 9.7.0 hasta la versi\\u00f3n 9.8.8, desde la versi\\u00f3n 9.9.0 hasta la versi\\u00f3n 9.9.13, desde la versi\\u00f3n 9.10.0 hasta la versi\\u00f3n 9.10.8, desde la versi\\u00f3n 9.11.0 hasta la versi\\u00f3n 9.11.4, desde la versi\\u00f3n 9.12.0 hasta la versi\\u00f3n 9.12.2 y desde la versi\\u00f3n 9.13.0 hasta la versi\\u00f3n 9.13.2.\"}]",
"id": "CVE-2018-5740",
"lastModified": "2024-11-21T04:09:17.547",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV30\": [{\"source\": \"security-officer@isc.org\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2019-01-16T20:29:01.017",
"references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/105055\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1041436\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2570\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2571\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://kb.isc.org/docs/aa-01639\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201903-13\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180926-0003/\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3769-1/\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3769-2/\", \"source\": \"security-officer@isc.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/105055\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1041436\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2570\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2571\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://kb.isc.org/docs/aa-01639\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/201903-13\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180926-0003/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3769-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3769-2/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "security-officer@isc.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-617\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2018-5740\",\"sourceIdentifier\":\"security-officer@isc.org\",\"published\":\"2019-01-16T20:29:01.017\",\"lastModified\":\"2024-11-21T04:09:17.547\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"\\\"deny-answer-aliases\\\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2.\"},{\"lang\":\"es\",\"value\":\"\\\"deny-answer-aliases\\\" es una caracter\u00edstica poco utilizada que pretende ayudar a los operadores recursivos del servidor a proteger a los usuarios finales contra ataques de reenlace DNS, un m\u00e9todo para poder eludir el modelo de seguridad empleado por los navegadores del cliente. Sin embargo, un defecto en esta caracter\u00edstica hace que sea sencillo experimentar un fallo de aserci\u00f3n en name.c. Afecta a BIND desde la versi\u00f3n 9.7.0 hasta la versi\u00f3n 9.8.8, desde la versi\u00f3n 9.9.0 hasta la versi\u00f3n 9.9.13, desde la versi\u00f3n 9.10.0 hasta la versi\u00f3n 9.10.8, desde la versi\u00f3n 9.11.0 hasta la versi\u00f3n 9.11.4, desde la versi\u00f3n 9.12.0 hasta la versi\u00f3n 9.12.2 y desde la versi\u00f3n 9.13.0 hasta la versi\u00f3n 9.13.2.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV30\":[{\"source\":\"security-officer@isc.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-617\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.7.0\",\"versionEndExcluding\":\"9.8.8\",\"matchCriteriaId\":\"DCCA7B30-3344-4718-8B34-FE60CCE4487C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.9.0\",\"versionEndExcluding\":\"9.9.13\",\"matchCriteriaId\":\"7F17A1AB-48E7-48B7-97CC-BD270649F856\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.10.0\",\"versionEndExcluding\":\"9.10.8\",\"matchCriteriaId\":\"EF340133-E86A-4A6D-9775-E66B46829700\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.11.0\",\"versionEndExcluding\":\"9.11.4\",\"matchCriteriaId\":\"94AD1D77-45DD-49F2-AA16-6E3A3BF8F5C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.12.0\",\"versionEndExcluding\":\"9.12.2\",\"matchCriteriaId\":\"5464FDED-E02B-486F-8699-CB7B9D623A59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.13.0\",\"versionEndExcluding\":\"9.13.2\",\"matchCriteriaId\":\"0484A7C1-5E99-49A6-BE21-BB201D2D0EFA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C068A4-3780-4EAB-A937-6082DF847564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBCD86A-E6C7-4444-9D74-F861084090F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B353CE99-D57C-465B-AAB0-73EF581127D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF77CDCF-B9C9-427D-B2BF-36650FB2148C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"8D305F7A-D159-4716-AB26-5E38BB5CD991\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F480AA32-841A-4E68-9343-B2E7548B0A0C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1E78106-58E6-4D59-990F-75DA575BFAD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/105055\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1041436\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2570\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2571\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kb.isc.org/docs/aa-01639\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201903-13\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20180926-0003/\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3769-1/\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3769-2/\",\"source\":\"security-officer@isc.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/105055\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1041436\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2570\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2571\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://kb.isc.org/docs/aa-01639\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201903-13\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20180926-0003/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3769-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3769-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
CERTFR-2018-AVI-380
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité a été découverte dans BIND . Elle permet à un attaquant de provoquer un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| ISC | BIND | BIND versions 9.12.x antérieures à 9.12.2-P1 si "deny-answer-aliases" est activé | ||
| ISC | BIND | BIND versions 9.11.x antérieures à 9.11.4-P1 si "deny-answer-aliases" est activé | ||
| ISC | BIND | BIND versions 9.7.x, 9.8.x et 9.9.x antérieures à 9.9.13-P1 si "deny-answer-aliases" est activé | ||
| ISC | BIND | BIND versions 9.10.x antérieures à 9.10.8-P1 si "deny-answer-aliases" est activé |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "BIND versions 9.12.x ant\u00e9rieures \u00e0 9.12.2-P1 si \"deny-answer-aliases\" est activ\u00e9",
"product": {
"name": "BIND",
"vendor": {
"name": "ISC",
"scada": false
}
}
},
{
"description": "BIND versions 9.11.x ant\u00e9rieures \u00e0 9.11.4-P1 si \"deny-answer-aliases\" est activ\u00e9",
"product": {
"name": "BIND",
"vendor": {
"name": "ISC",
"scada": false
}
}
},
{
"description": "BIND versions 9.7.x, 9.8.x et 9.9.x ant\u00e9rieures \u00e0 9.9.13-P1 si \"deny-answer-aliases\" est activ\u00e9",
"product": {
"name": "BIND",
"vendor": {
"name": "ISC",
"scada": false
}
}
},
{
"description": "BIND versions 9.10.x ant\u00e9rieures \u00e0 9.10.8-P1 si \"deny-answer-aliases\" est activ\u00e9",
"product": {
"name": "BIND",
"vendor": {
"name": "ISC",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-5740",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5740"
}
],
"links": [],
"reference": "CERTFR-2018-AVI-380",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-08-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans BIND . Elle permet \u00e0 un\nattaquant de provoquer un d\u00e9ni de service \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans BIND",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 BIND CVE-2018-5740 du 08 ao\u00fbt 2018",
"url": "https://kb.isc.org/article/AA-01639/74/CVE-2018-5740%3A-A-flaw-in-the-deny-answer-aliases-feature-can-cause-an-INSIST-assertion-failure-in-named.html"
}
]
}
CERTFR-2019-AVI-014
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Centreon | Web | SRC Series Application Server et Web Administrator versions antérieures à 4.12.0-R1 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 sur vMX Series | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53, 15.1, 15.1X53, 16.1, 17.1, 17.2, 17.3, 17.4, 18.1 sur EX2300/EX3400, EX2300/EX3400 series, EX4600, QFX3K series, QFX5200/QFX5110 series et QFX5k series | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53, 15.1, 15.1X53 sur EX Virtual Chassis Platforms, MX Virtual Chassis Platforms et QFX Virtual Chassis Platforms | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46, 12.3, 12.3X48, 14.1X53, 15.1, 15.1F, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.2X75, 17.3, 17.4, 18.1, 18.2 et 18.2X75 | ||
| N/A | N/A | Juniper ATP | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53, 18.1, 18.2 sur EX2300 et EX3400 series | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2 sur MX Series | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48, 15.1X49, 17.3, 17.4, 18.1 et 18.2 sur SRX Series | ||
| Juniper Networks | Junos Space | Junos Space | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46, 12.3X48, 15.1X49 sur SRX Series | ||
| Juniper Networks | Junos OS | Tous produits et toutes plateformes exécutant Junos OS | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2X75, 17.4, 18.1 et 18.2 sur QFX et PTX Series |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SRC Series Application Server et Web Administrator versions ant\u00e9rieures \u00e0 4.12.0-R1",
"product": {
"name": "Web",
"vendor": {
"name": "Centreon",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 sur vMX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53, 15.1, 15.1X53, 16.1, 17.1, 17.2, 17.3, 17.4, 18.1 sur EX2300/EX3400, EX2300/EX3400 series, EX4600, QFX3K series, QFX5200/QFX5110 series et QFX5k series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53, 15.1, 15.1X53 sur EX Virtual Chassis Platforms, MX Virtual Chassis Platforms et QFX Virtual Chassis Platforms",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46, 12.3, 12.3X48, 14.1X53, 15.1, 15.1F, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.2X75, 17.3, 17.4, 18.1, 18.2 et 18.2X75",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper ATP",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53, 18.1, 18.2 sur EX2300 et EX3400 series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2 sur MX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48, 15.1X49, 17.3, 17.4, 18.1 et 18.2 sur SRX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46, 12.3X48, 15.1X49 sur SRX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Tous produits et toutes plateformes ex\u00e9cutant Junos OS",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2X75, 17.4, 18.1 et 18.2 sur QFX et PTX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-0010",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0010"
},
{
"name": "CVE-2018-10901",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10901"
},
{
"name": "CVE-2018-0737",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0737"
},
{
"name": "CVE-2017-18258",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18258"
},
{
"name": "CVE-2018-5683",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5683"
},
{
"name": "CVE-2019-0003",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0003"
},
{
"name": "CVE-2019-0007",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0007"
},
{
"name": "CVE-2018-5391",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5391"
},
{
"name": "CVE-2017-13672",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13672"
},
{
"name": "CVE-2017-0861",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0861"
},
{
"name": "CVE-2018-7566",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7566"
},
{
"name": "CVE-2019-0027",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0027"
},
{
"name": "CVE-2019-0030",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0030"
},
{
"name": "CVE-2017-1000379",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000379"
},
{
"name": "CVE-2019-0001",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0001"
},
{
"name": "CVE-2018-14634",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14634"
},
{
"name": "CVE-2019-0002",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0002"
},
{
"name": "CVE-2019-0013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0013"
},
{
"name": "CVE-2019-0023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0023"
},
{
"name": "CVE-2016-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4447"
},
{
"name": "CVE-2018-10675",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10675"
},
{
"name": "CVE-2016-4448",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4448"
},
{
"name": "CVE-2017-3137",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3137"
},
{
"name": "CVE-2015-1283",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1283"
},
{
"name": "CVE-2016-3705",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3705"
},
{
"name": "CVE-2017-3142",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3142"
},
{
"name": "CVE-2018-10872",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10872"
},
{
"name": "CVE-2019-0015",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0015"
},
{
"name": "CVE-2019-0005",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0005"
},
{
"name": "CVE-2019-0009",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0009"
},
{
"name": "CVE-2018-7858",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7858"
},
{
"name": "CVE-2019-0024",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0024"
},
{
"name": "CVE-2019-0025",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0025"
},
{
"name": "CVE-2017-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3143"
},
{
"name": "CVE-2018-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3620"
},
{
"name": "CVE-2017-7375",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7375"
},
{
"name": "CVE-2019-0011",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0011"
},
{
"name": "CVE-2018-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3639"
},
{
"name": "CVE-2017-15265",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15265"
},
{
"name": "CVE-2019-0012",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0012"
},
{
"name": "CVE-2017-11610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11610"
},
{
"name": "CVE-2018-5748",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5748"
},
{
"name": "CVE-2019-0004",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0004"
},
{
"name": "CVE-2019-0017",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0017"
},
{
"name": "CVE-2018-1126",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1126"
},
{
"name": "CVE-2018-3665",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3665"
},
{
"name": "CVE-2017-1000366",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000366"
},
{
"name": "CVE-2016-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3627"
},
{
"name": "CVE-2018-12020",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12020"
},
{
"name": "CVE-2018-5390",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5390"
},
{
"name": "CVE-2016-2183",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2183"
},
{
"name": "CVE-2018-12384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12384"
},
{
"name": "CVE-2018-10897",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10897"
},
{
"name": "CVE-2019-0021",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0021"
},
{
"name": "CVE-2018-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9251"
},
{
"name": "CVE-2019-0016",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0016"
},
{
"name": "CVE-2018-1124",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1124"
},
{
"name": "CVE-2018-8897",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8897"
},
{
"name": "CVE-2019-0022",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0022"
},
{
"name": "CVE-2017-1000364",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000364"
},
{
"name": "CVE-2018-0732",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0732"
},
{
"name": "CVE-2018-1050",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1050"
},
{
"name": "CVE-2019-0014",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0014"
},
{
"name": "CVE-2018-3693",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3693"
},
{
"name": "CVE-2018-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10911"
},
{
"name": "CVE-2019-0026",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0026"
},
{
"name": "CVE-2019-0029",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0029"
},
{
"name": "CVE-2019-0020",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0020"
},
{
"name": "CVE-2018-5740",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5740"
},
{
"name": "CVE-2017-2619",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2619"
},
{
"name": "CVE-2019-0018",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0018"
},
{
"name": "CVE-2018-1000004",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000004"
},
{
"name": "CVE-2019-0006",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0006"
},
{
"name": "CVE-2016-4449",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4449"
},
{
"name": "CVE-2017-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3136"
},
{
"name": "CVE-2011-3389",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3389"
},
{
"name": "CVE-2017-3145",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3145"
},
{
"name": "CVE-2018-1064",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1064"
},
{
"name": "CVE-2018-10301",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10301"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-014",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-01-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10906 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10906\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10910 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10910\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10911 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10911\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10907 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10907\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10912 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10912\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10913 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10913\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10919 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10919\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10905 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10905\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10902 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10902\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10917 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10917\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10904 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10904\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10915 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10915\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10916 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10916\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10914 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10914\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10900 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10900\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10909 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10909\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10901 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10901\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10918 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10918\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10903 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10903\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
CERTFR-2018-AVI-380
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité a été découverte dans BIND . Elle permet à un attaquant de provoquer un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| ISC | BIND | BIND versions 9.12.x antérieures à 9.12.2-P1 si "deny-answer-aliases" est activé | ||
| ISC | BIND | BIND versions 9.11.x antérieures à 9.11.4-P1 si "deny-answer-aliases" est activé | ||
| ISC | BIND | BIND versions 9.7.x, 9.8.x et 9.9.x antérieures à 9.9.13-P1 si "deny-answer-aliases" est activé | ||
| ISC | BIND | BIND versions 9.10.x antérieures à 9.10.8-P1 si "deny-answer-aliases" est activé |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "BIND versions 9.12.x ant\u00e9rieures \u00e0 9.12.2-P1 si \"deny-answer-aliases\" est activ\u00e9",
"product": {
"name": "BIND",
"vendor": {
"name": "ISC",
"scada": false
}
}
},
{
"description": "BIND versions 9.11.x ant\u00e9rieures \u00e0 9.11.4-P1 si \"deny-answer-aliases\" est activ\u00e9",
"product": {
"name": "BIND",
"vendor": {
"name": "ISC",
"scada": false
}
}
},
{
"description": "BIND versions 9.7.x, 9.8.x et 9.9.x ant\u00e9rieures \u00e0 9.9.13-P1 si \"deny-answer-aliases\" est activ\u00e9",
"product": {
"name": "BIND",
"vendor": {
"name": "ISC",
"scada": false
}
}
},
{
"description": "BIND versions 9.10.x ant\u00e9rieures \u00e0 9.10.8-P1 si \"deny-answer-aliases\" est activ\u00e9",
"product": {
"name": "BIND",
"vendor": {
"name": "ISC",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-5740",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5740"
}
],
"links": [],
"reference": "CERTFR-2018-AVI-380",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-08-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans BIND . Elle permet \u00e0 un\nattaquant de provoquer un d\u00e9ni de service \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans BIND",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 BIND CVE-2018-5740 du 08 ao\u00fbt 2018",
"url": "https://kb.isc.org/article/AA-01639/74/CVE-2018-5740%3A-A-flaw-in-the-deny-answer-aliases-feature-can-cause-an-INSIST-assertion-failure-in-named.html"
}
]
}
CERTFR-2019-AVI-014
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Centreon | Web | SRC Series Application Server et Web Administrator versions antérieures à 4.12.0-R1 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 sur vMX Series | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53, 15.1, 15.1X53, 16.1, 17.1, 17.2, 17.3, 17.4, 18.1 sur EX2300/EX3400, EX2300/EX3400 series, EX4600, QFX3K series, QFX5200/QFX5110 series et QFX5k series | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53, 15.1, 15.1X53 sur EX Virtual Chassis Platforms, MX Virtual Chassis Platforms et QFX Virtual Chassis Platforms | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46, 12.3, 12.3X48, 14.1X53, 15.1, 15.1F, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.2X75, 17.3, 17.4, 18.1, 18.2 et 18.2X75 | ||
| N/A | N/A | Juniper ATP | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53, 18.1, 18.2 sur EX2300 et EX3400 series | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2 sur MX Series | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48, 15.1X49, 17.3, 17.4, 18.1 et 18.2 sur SRX Series | ||
| Juniper Networks | Junos Space | Junos Space | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46, 12.3X48, 15.1X49 sur SRX Series | ||
| Juniper Networks | Junos OS | Tous produits et toutes plateformes exécutant Junos OS | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2X75, 17.4, 18.1 et 18.2 sur QFX et PTX Series |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SRC Series Application Server et Web Administrator versions ant\u00e9rieures \u00e0 4.12.0-R1",
"product": {
"name": "Web",
"vendor": {
"name": "Centreon",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 sur vMX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53, 15.1, 15.1X53, 16.1, 17.1, 17.2, 17.3, 17.4, 18.1 sur EX2300/EX3400, EX2300/EX3400 series, EX4600, QFX3K series, QFX5200/QFX5110 series et QFX5k series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53, 15.1, 15.1X53 sur EX Virtual Chassis Platforms, MX Virtual Chassis Platforms et QFX Virtual Chassis Platforms",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46, 12.3, 12.3X48, 14.1X53, 15.1, 15.1F, 15.1X49, 15.1X53, 16.1, 16.2, 17.1, 17.2, 17.2X75, 17.3, 17.4, 18.1, 18.2 et 18.2X75",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper ATP",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53, 18.1, 18.2 sur EX2300 et EX3400 series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1, 16.2, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2 sur MX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48, 15.1X49, 17.3, 17.4, 18.1 et 18.2 sur SRX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46, 12.3X48, 15.1X49 sur SRX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Tous produits et toutes plateformes ex\u00e9cutant Junos OS",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2X75, 17.4, 18.1 et 18.2 sur QFX et PTX Series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-0010",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0010"
},
{
"name": "CVE-2018-10901",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10901"
},
{
"name": "CVE-2018-0737",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0737"
},
{
"name": "CVE-2017-18258",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18258"
},
{
"name": "CVE-2018-5683",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5683"
},
{
"name": "CVE-2019-0003",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0003"
},
{
"name": "CVE-2019-0007",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0007"
},
{
"name": "CVE-2018-5391",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5391"
},
{
"name": "CVE-2017-13672",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13672"
},
{
"name": "CVE-2017-0861",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0861"
},
{
"name": "CVE-2018-7566",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7566"
},
{
"name": "CVE-2019-0027",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0027"
},
{
"name": "CVE-2019-0030",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0030"
},
{
"name": "CVE-2017-1000379",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000379"
},
{
"name": "CVE-2019-0001",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0001"
},
{
"name": "CVE-2018-14634",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14634"
},
{
"name": "CVE-2019-0002",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0002"
},
{
"name": "CVE-2019-0013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0013"
},
{
"name": "CVE-2019-0023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0023"
},
{
"name": "CVE-2016-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4447"
},
{
"name": "CVE-2018-10675",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10675"
},
{
"name": "CVE-2016-4448",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4448"
},
{
"name": "CVE-2017-3137",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3137"
},
{
"name": "CVE-2015-1283",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1283"
},
{
"name": "CVE-2016-3705",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3705"
},
{
"name": "CVE-2017-3142",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3142"
},
{
"name": "CVE-2018-10872",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10872"
},
{
"name": "CVE-2019-0015",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0015"
},
{
"name": "CVE-2019-0005",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0005"
},
{
"name": "CVE-2019-0009",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0009"
},
{
"name": "CVE-2018-7858",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7858"
},
{
"name": "CVE-2019-0024",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0024"
},
{
"name": "CVE-2019-0025",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0025"
},
{
"name": "CVE-2017-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3143"
},
{
"name": "CVE-2018-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3620"
},
{
"name": "CVE-2017-7375",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7375"
},
{
"name": "CVE-2019-0011",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0011"
},
{
"name": "CVE-2018-3639",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3639"
},
{
"name": "CVE-2017-15265",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15265"
},
{
"name": "CVE-2019-0012",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0012"
},
{
"name": "CVE-2017-11610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11610"
},
{
"name": "CVE-2018-5748",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5748"
},
{
"name": "CVE-2019-0004",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0004"
},
{
"name": "CVE-2019-0017",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0017"
},
{
"name": "CVE-2018-1126",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1126"
},
{
"name": "CVE-2018-3665",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3665"
},
{
"name": "CVE-2017-1000366",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000366"
},
{
"name": "CVE-2016-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3627"
},
{
"name": "CVE-2018-12020",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12020"
},
{
"name": "CVE-2018-5390",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5390"
},
{
"name": "CVE-2016-2183",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2183"
},
{
"name": "CVE-2018-12384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12384"
},
{
"name": "CVE-2018-10897",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10897"
},
{
"name": "CVE-2019-0021",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0021"
},
{
"name": "CVE-2018-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9251"
},
{
"name": "CVE-2019-0016",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0016"
},
{
"name": "CVE-2018-1124",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1124"
},
{
"name": "CVE-2018-8897",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8897"
},
{
"name": "CVE-2019-0022",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0022"
},
{
"name": "CVE-2017-1000364",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000364"
},
{
"name": "CVE-2018-0732",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0732"
},
{
"name": "CVE-2018-1050",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1050"
},
{
"name": "CVE-2019-0014",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0014"
},
{
"name": "CVE-2018-3693",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3693"
},
{
"name": "CVE-2018-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10911"
},
{
"name": "CVE-2019-0026",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0026"
},
{
"name": "CVE-2019-0029",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0029"
},
{
"name": "CVE-2019-0020",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0020"
},
{
"name": "CVE-2018-5740",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5740"
},
{
"name": "CVE-2017-2619",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2619"
},
{
"name": "CVE-2019-0018",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0018"
},
{
"name": "CVE-2018-1000004",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000004"
},
{
"name": "CVE-2019-0006",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0006"
},
{
"name": "CVE-2016-4449",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4449"
},
{
"name": "CVE-2017-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3136"
},
{
"name": "CVE-2011-3389",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3389"
},
{
"name": "CVE-2017-3145",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3145"
},
{
"name": "CVE-2018-1064",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1064"
},
{
"name": "CVE-2018-10301",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10301"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-014",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-01-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10906 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10906\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10910 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10910\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10911 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10911\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10907 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10907\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10912 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10912\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10913 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10913\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10919 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10919\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10905 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10905\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10902 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10902\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10917 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10917\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10904 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10904\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10915 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10915\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10916 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10916\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10914 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10914\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10900 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10900\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10909 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10909\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10901 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10901\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10918 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10918\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10903 du 9 janvier 2019",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10903\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
BDU:2019-01628
Vulnerability from fstec - Published: 01.10.2018
VLAI Severity ?
Title
Уязвимость функции deny-answer-aliases в открытой реализации DNS-сервера BIND, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость функции deny-answer-aliases в открытой реализации DNS-сервера BIND связана с возникновением ошибки утверждения в name.c при использовании этой функции. Эксплуатация уязвимости позволяет нарушителю, действующему удаленно, вызвать отказ в обслуживании
Severity ?
Vendor
ООО «РусБИТех-Астра», Сообщество свободного программного обеспечения, Internet Systems Consortium, АО «НТЦ ИТ РОСА», АО «Концерн ВНИИНС»
Software Name
Astra Linux Special Edition (запись в едином реестре российских программ №369), Debian GNU/Linux, BIND, РОСА Кобальт (запись в едином реестре российских программ №1999), ОС ОН «Стрелец» (запись в едином реестре российских программ №6177)
Software Version
1.5 «Смоленск» (Astra Linux Special Edition), 9 (Debian GNU/Linux), 1.6 «Смоленск» (Astra Linux Special Edition), от 9.7.0 до 9.8.8 (BIND), от 9.9.0 до 9.9.13 (BIND), от 9.10.0 до 9.10.8 (BIND), от 9.11.0 до 9.11.4 (BIND), от 9.12.0 до 9.12.2 (BIND), от 9.13.0 до 9.13.2 (BIND), 8 (Debian GNU/Linux), - (РОСА Кобальт), до 16.01.2023 (ОС ОН «Стрелец»)
Possible Mitigations
Для BIND:
Обновление программного обеспечения до 1:9.11.5.P4+dfsg-2 или более поздней версии
Для Debian:
Обновление программного обеспечения (пакета bind9) до 1:9.9.5.dfsg-9+deb8u16 или более поздней версии
Для Astra Linux:
Обновление программного обеспечения (пакета bind9) до 1:9.9.5.dfsg-9+deb8u16 или более поздней версии
Для ОС РОСА Кобальт:
http://wiki.rosalab.ru/ru/index.php/ROSA-SA-18-08-10.001
Для ОС ОН «Стрелец»:
Обновление программного обеспечения bind9 до версии 1:9.10.3.dfsg.P4-12.3+deb9u12.strelets1
Для ОС Astra Linux 1.6 «Смоленск»:
обновить пакет bind9 до 1:9.11.3+dfsg-1ubuntu1.5 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/pages/viewpage.action?pageId=57444186
Reference
https://nvd.nist.gov/vuln/detail/CVE-2018-5740
https://security-tracker.debian.org/tracker/CVE-2018-5740
https://access.redhat.com/security/cve/cve-2018-5740
https://wiki.astralinux.ru/pages/viewpage.action?pageId=1212483
http://wiki.rosalab.ru/ru/index.php/ROSA-SA-18-08-10.001
https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023
https://wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16
CWE
CWE-20
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Internet Systems Consortium, \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb, \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.5 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 9 (Debian GNU/Linux), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), \u043e\u0442 9.7.0 \u0434\u043e 9.8.8 (BIND), \u043e\u0442 9.9.0 \u0434\u043e 9.9.13 (BIND), \u043e\u0442 9.10.0 \u0434\u043e 9.10.8 (BIND), \u043e\u0442 9.11.0 \u0434\u043e 9.11.4 (BIND), \u043e\u0442 9.12.0 \u0434\u043e 9.12.2 (BIND), \u043e\u0442 9.13.0 \u0434\u043e 9.13.2 (BIND), 8 (Debian GNU/Linux), - (\u0420\u041e\u0421\u0410 \u041a\u043e\u0431\u0430\u043b\u044c\u0442), \u0434\u043e 16.01.2023 (\u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0414\u043b\u044f BIND:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0434\u043e 1:9.11.5.P4+dfsg-2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f Debian:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u043f\u0430\u043a\u0435\u0442\u0430 bind9) \u0434\u043e 1:9.9.5.dfsg-9+deb8u16 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f Astra Linux:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u043f\u0430\u043a\u0435\u0442\u0430 bind9) \u0434\u043e 1:9.9.5.dfsg-9+deb8u16 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f \u041e\u0421 \u0420\u041e\u0421\u0410 \u041a\u043e\u0431\u0430\u043b\u044c\u0442:\nhttp://wiki.rosalab.ru/ru/index.php/ROSA-SA-18-08-10.001\n\n\u0414\u043b\u044f \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f bind9 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 1:9.10.3.dfsg.P4-12.3+deb9u12.strelets1\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 bind9 \u0434\u043e 1:9.11.3+dfsg-1ubuntu1.5 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/pages/viewpage.action?pageId=57444186",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "01.10.2018",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "30.09.2024",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "25.04.2019",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-01628",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2018-5740",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Debian GNU/Linux, BIND, \u0420\u041e\u0421\u0410 \u041a\u043e\u0431\u0430\u043b\u044c\u0442 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161999), \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.5 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 8 , \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb \u0420\u041e\u0421\u0410 \u041a\u043e\u0431\u0430\u043b\u044c\u0442 - (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161999), \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb \u0434\u043e 16.01.2023 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 deny-answer-aliases \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u0439 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 DNS-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 BIND, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 deny-answer-aliases \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u0439 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 DNS-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 BIND \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u043e\u0437\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u0435\u043c \u043e\u0448\u0438\u0431\u043a\u0438 \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u044f \u0432 name.c \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u044d\u0442\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://nvd.nist.gov/vuln/detail/CVE-2018-5740\nhttps://security-tracker.debian.org/tracker/CVE-2018-5740\nhttps://access.redhat.com/security/cve/cve-2018-5740\nhttps://wiki.astralinux.ru/pages/viewpage.action?pageId=1212483\nhttp://wiki.rosalab.ru/ru/index.php/ROSA-SA-18-08-10.001\nhttps://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}
CNVD-2018-17514
Vulnerability from cnvd - Published: 2018-09-05
VLAI Severity ?
Title
ISC BIND拒绝服务漏洞(CNVD-2018-17514)
Description
ISC BIND是美国Internet Systems Consortium(ISC)公司所维护的一套实现了DNS协议的开源软件。
ISC BIND中存在拒绝服务漏洞。远程攻击者可利用该漏洞造成拒绝服务。
Severity
中
Patch Name
ISC BIND拒绝服务漏洞(CNVD-2018-17514)的补丁
Patch Description
ISC BIND是美国Internet Systems Consortium(ISC)公司所维护的一套实现了DNS协议的开源软件。
ISC BIND中存在拒绝服务漏洞。远程攻击者可利用该漏洞造成拒绝服务。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布漏洞修复程序,请及时关注更新: https://kb.isc.org/article/AA-01639/0
Reference
http://www.securityfocus.com/bid/105055
Impacted products
| Name | ['ISC BIND >=9.7.0,<=9.8.8', 'ISC BIND >=9.9.0,<=9.9.13', 'ISC BIND >=9.10.0,<=9.10.8', 'ISC BIND >=9.11.0,<=9.11.4', 'ISC BIND >=9.12.0,<=9.12.2', 'ISC BIND >=9.13.0,<=9.13.2'] |
|---|
{
"bids": {
"bid": {
"bidNumber": "105055"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2018-5740"
}
},
"description": "ISC BIND\u662f\u7f8e\u56fdInternet Systems Consortium\uff08ISC\uff09\u516c\u53f8\u6240\u7ef4\u62a4\u7684\u4e00\u5957\u5b9e\u73b0\u4e86DNS\u534f\u8bae\u7684\u5f00\u6e90\u8f6f\u4ef6\u3002\r\n\r\nISC BIND\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
"discovererName": "Tony Finch of the University of Cambridge",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://kb.isc.org/article/AA-01639/0",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2018-17514",
"openTime": "2018-09-05",
"patchDescription": "ISC BIND\u662f\u7f8e\u56fdInternet Systems Consortium\uff08ISC\uff09\u516c\u53f8\u6240\u7ef4\u62a4\u7684\u4e00\u5957\u5b9e\u73b0\u4e86DNS\u534f\u8bae\u7684\u5f00\u6e90\u8f6f\u4ef6\u3002\r\n\r\nISC BIND\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "ISC BIND\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2018-17514\uff09\u7684\u8865\u4e01",
"products": {
"product": [
"ISC BIND \u003e=9.7.0\uff0c\u003c=9.8.8",
"ISC BIND \u003e=9.9.0\uff0c\u003c=9.9.13",
"ISC BIND \u003e=9.10.0\uff0c\u003c=9.10.8",
"ISC BIND \u003e=9.11.0\uff0c\u003c=9.11.4",
"ISC BIND \u003e=9.12.0\uff0c\u003c=9.12.2",
"ISC BIND \u003e=9.13.0\uff0c\u003c=9.13.2"
]
},
"referenceLink": "http://www.securityfocus.com/bid/105055",
"serverity": "\u4e2d",
"submitTime": "2018-08-09",
"title": "ISC BIND\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2018-17514\uff09"
}
FKIE_CVE-2018-5740
Vulnerability from fkie_nvd - Published: 2019-01-16 20:29 - Updated: 2024-11-21 04:09
Severity ?
Summary
"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.
References
| URL | Tags | ||
|---|---|---|---|
| security-officer@isc.org | http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html | Mailing List, Third Party Advisory | |
| security-officer@isc.org | http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html | Mailing List, Third Party Advisory | |
| security-officer@isc.org | http://www.securityfocus.com/bid/105055 | Third Party Advisory, VDB Entry | |
| security-officer@isc.org | http://www.securitytracker.com/id/1041436 | Third Party Advisory, VDB Entry | |
| security-officer@isc.org | https://access.redhat.com/errata/RHSA-2018:2570 | Third Party Advisory | |
| security-officer@isc.org | https://access.redhat.com/errata/RHSA-2018:2571 | Third Party Advisory | |
| security-officer@isc.org | https://kb.isc.org/docs/aa-01639 | Vendor Advisory | |
| security-officer@isc.org | https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html | Third Party Advisory | |
| security-officer@isc.org | https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html | Mailing List, Third Party Advisory | |
| security-officer@isc.org | https://security.gentoo.org/glsa/201903-13 | Third Party Advisory | |
| security-officer@isc.org | https://security.netapp.com/advisory/ntap-20180926-0003/ | Third Party Advisory | |
| security-officer@isc.org | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03927en_us | Third Party Advisory | |
| security-officer@isc.org | https://usn.ubuntu.com/3769-1/ | Third Party Advisory | |
| security-officer@isc.org | https://usn.ubuntu.com/3769-2/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105055 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041436 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:2570 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2018:2571 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kb.isc.org/docs/aa-01639 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201903-13 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20180926-0003/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03927en_us | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3769-1/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3769-2/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| isc | bind | * | |
| isc | bind | * | |
| isc | bind | * | |
| isc | bind | * | |
| isc | bind | * | |
| isc | bind | * | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_server_eus | 7.6 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| netapp | data_ontap_edge | - | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| hp | hp-ux | - | |
| opensuse | leap | 15.0 | |
| opensuse | leap | 15.1 | |
| opensuse | leap | 42.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCCA7B30-3344-4718-8B34-FE60CCE4487C",
"versionEndExcluding": "9.8.8",
"versionStartIncluding": "9.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F17A1AB-48E7-48B7-97CC-BD270649F856",
"versionEndExcluding": "9.9.13",
"versionStartIncluding": "9.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF340133-E86A-4A6D-9775-E66B46829700",
"versionEndExcluding": "9.10.8",
"versionStartIncluding": "9.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94AD1D77-45DD-49F2-AA16-6E3A3BF8F5C9",
"versionEndExcluding": "9.11.4",
"versionStartIncluding": "9.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5464FDED-E02B-486F-8699-CB7B9D623A59",
"versionEndExcluding": "9.12.2",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0484A7C1-5E99-49A6-BE21-BB201D2D0EFA",
"versionEndExcluding": "9.13.2",
"versionStartIncluding": "9.13.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F480AA32-841A-4E68-9343-B2E7548B0A0C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\"deny-answer-aliases\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2."
},
{
"lang": "es",
"value": "\"deny-answer-aliases\" es una caracter\u00edstica poco utilizada que pretende ayudar a los operadores recursivos del servidor a proteger a los usuarios finales contra ataques de reenlace DNS, un m\u00e9todo para poder eludir el modelo de seguridad empleado por los navegadores del cliente. Sin embargo, un defecto en esta caracter\u00edstica hace que sea sencillo experimentar un fallo de aserci\u00f3n en name.c. Afecta a BIND desde la versi\u00f3n 9.7.0 hasta la versi\u00f3n 9.8.8, desde la versi\u00f3n 9.9.0 hasta la versi\u00f3n 9.9.13, desde la versi\u00f3n 9.10.0 hasta la versi\u00f3n 9.10.8, desde la versi\u00f3n 9.11.0 hasta la versi\u00f3n 9.11.4, desde la versi\u00f3n 9.12.0 hasta la versi\u00f3n 9.12.2 y desde la versi\u00f3n 9.13.0 hasta la versi\u00f3n 9.13.2."
}
],
"id": "CVE-2018-5740",
"lastModified": "2024-11-21T04:09:17.547",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "security-officer@isc.org",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-01-16T20:29:01.017",
"references": [
{
"source": "security-officer@isc.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html"
},
{
"source": "security-officer@isc.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105055"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041436"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2570"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2571"
},
{
"source": "security-officer@isc.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01639"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html"
},
{
"source": "security-officer@isc.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-13"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0003/"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3769-1/"
},
{
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3769-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041436"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2571"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3769-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3769-2/"
}
],
"sourceIdentifier": "security-officer@isc.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-RQPC-6VJV-W22P
Vulnerability from github – Published: 2022-05-13 01:02 – Updated: 2022-05-13 01:02
VLAI?
Details
"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.
Severity ?
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2018-5740"
],
"database_specific": {
"cwe_ids": [
"CWE-617"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-01-16T20:29:00Z",
"severity": "HIGH"
},
"details": "\"deny-answer-aliases\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2.",
"id": "GHSA-rqpc-6vjv-w22p",
"modified": "2022-05-13T01:02:33Z",
"published": "2022-05-13T01:02:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5740"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:2570"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:2571"
},
{
"type": "WEB",
"url": "https://kb.isc.org/docs/aa-01639"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201903-13"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20180926-0003"
},
{
"type": "WEB",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3769-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3769-2"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/105055"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1041436"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2018-5740
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-5740",
"description": "\"deny-answer-aliases\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2.",
"id": "GSD-2018-5740",
"references": [
"https://www.suse.com/security/cve/CVE-2018-5740.html",
"https://access.redhat.com/errata/RHSA-2018:2571",
"https://access.redhat.com/errata/RHSA-2018:2570",
"https://ubuntu.com/security/CVE-2018-5740",
"https://advisories.mageia.org/CVE-2018-5740.html",
"https://alas.aws.amazon.com/cve/html/CVE-2018-5740.html",
"https://linux.oracle.com/cve/CVE-2018-5740.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-5740"
],
"details": "\"deny-answer-aliases\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2.",
"id": "GSD-2018-5740",
"modified": "2023-12-13T01:22:40.551563Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"DATE_PUBLIC": "2018-08-08T08:00:00.000Z",
"ID": "CVE-2018-5740",
"STATE": "PUBLIC",
"TITLE": "A flaw in the \"deny-answer-aliases\" feature can cause an assertion failure in named"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BIND 9",
"version": {
"version_data": [
{
"version_name": "BIND 9 ",
"version_value": "9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2"
}
]
}
}
]
},
"vendor_name": "ISC"
}
]
}
},
"configuration": [
{
"lang": "eng",
"value": "Only servers which have explicitly enabled the \"deny-answer-aliases\" feature are at risk and disabling the feature prevents exploitation."
}
],
"credit": [
{
"lang": "eng",
"value": "ISC would like to thank Tony Finch of the University of Cambridge for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "\"deny-answer-aliases\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients."
},
{
"lang": "eng",
"value": "Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients. Only servers which have explicitly enabled the \"deny-answer-aliases\" feature are at risk and disabling the feature prevents exploitation."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105055",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105055"
},
{
"name": "[debian-lts-announce] 20180830 [SECURITY] [DLA 1485-1] bind9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html"
},
{
"name": "RHSA-2018:2570",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2570"
},
{
"name": "RHSA-2018:2571",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2571"
},
{
"name": "USN-3769-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3769-2/"
},
{
"name": "1041436",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041436"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180926-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180926-0003/"
},
{
"name": "https://kb.isc.org/docs/aa-01639",
"refsource": "CONFIRM",
"url": "https://kb.isc.org/docs/aa-01639"
},
{
"name": "USN-3769-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3769-1/"
},
{
"name": "GLSA-201903-13",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201903-13"
},
{
"name": "openSUSE-SU-2019:1533",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html"
},
{
"name": "openSUSE-SU-2019:1532",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us"
},
{
"name": "[debian-lts-announce] 20211102 [SECURITY] [DLA 2807-1] bind9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Most operators will not need to make any changes unless they are using the \"deny-answer-aliases\" feature (which is described in the BIND 9 Adminstrator Reference Manual section 6.2.) \"deny-answer-aliases\" is off by default; only configurations which explicitly enable it can be affected by this defect.\n\nIf you are using \"deny-answer-aliases\", upgrade to the patched release most closely related to your current version of BIND.\n\n 9.9.13-P1\n 9.10.8-P1\n 9.11.4-P1\n 9.12.2-P1\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n 9.11.3-S3\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "This vulnerability can be avoided by disabling the \"deny-answer-aliases\" feature if it is in use."
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.11.4",
"versionStartIncluding": "9.11.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.12.2",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.9.13",
"versionStartIncluding": "9.9.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.10.8",
"versionStartIncluding": "9.10.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.8.8",
"versionStartIncluding": "9.7.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "9.13.2",
"versionStartIncluding": "9.13.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security-officer@isc.org",
"ID": "CVE-2018-5740"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "\"deny-answer-aliases\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-617"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.isc.org/docs/aa-01639",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://kb.isc.org/docs/aa-01639"
},
{
"name": "USN-3769-2",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3769-2/"
},
{
"name": "USN-3769-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3769-1/"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180926-0003/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180926-0003/"
},
{
"name": "[debian-lts-announce] 20180830 [SECURITY] [DLA 1485-1] bind9 security update",
"refsource": "MLIST",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html"
},
{
"name": "RHSA-2018:2571",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2571"
},
{
"name": "RHSA-2018:2570",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2570"
},
{
"name": "1041436",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041436"
},
{
"name": "105055",
"refsource": "BID",
"tags": [
"VDB Entry",
"Third Party Advisory"
],
"url": "http://www.securityfocus.com/bid/105055"
},
{
"name": "GLSA-201903-13",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201903-13"
},
{
"name": "openSUSE-SU-2019:1533",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html"
},
{
"name": "openSUSE-SU-2019:1532",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03927en_us"
},
{
"name": "[debian-lts-announce] 20211102 [SECURITY] [DLA 2807-1] bind9 security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-04-12T18:34Z",
"publishedDate": "2019-01-16T20:29Z"
}
}
}
OPENSUSE-SU-2019:1533-1
Vulnerability from csaf_opensuse - Published: 2019-06-10 09:32 - Updated: 2019-06-10 09:32Summary
Security update for bind
Severity
Important
Notes
Title of the patch: Security update for bind
Description of the patch: This update for bind fixes the following issues:
Security issues fixed:
- CVE-2019-6465: Fixed an issue where controls for zone transfers may not be properly applied to Dynamically Loadable Zones (bsc#1126069).
- CVE-2018-5745: Fixed a denial of service vulnerability if a trust anchor rolls over to an unsupported key algorithm when using managed-keys (bsc#1126068).
- CVE-2018-5743: Fixed a denial of service vulnerability which could be caused by to many simultaneous TCP connections (bsc#1133185).
- CVE-2018-5740: Fixed a denial of service vulnerability in the 'deny-answer-aliases' feature (bsc#1104129).
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames: openSUSE-2019-1533
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-doc-9.11.2-lp151.11.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-bind-9.11.2-lp151.11.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-doc-9.11.2-lp151.11.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-bind-9.11.2-lp151.11.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-doc-9.11.2-lp151.11.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-bind-9.11.2-lp151.11.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-doc-9.11.2-lp151.11.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-bind-9.11.2-lp151.11.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
4.9 (Medium)
Affected products
Recommended
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-doc-9.11.2-lp151.11.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-bind-9.11.2-lp151.11.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-doc-9.11.2-lp151.11.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-bind-9.11.2-lp151.11.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
72 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-doc-9.11.2-lp151.11.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:python3-bind-9.11.2-lp151.11.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-doc-9.11.2-lp151.11.3.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:python3-bind-9.11.2-lp151.11.3.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
References
30 references
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/o… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://lists.opensuse.org/archives/list/security… | self |
| https://bugzilla.suse.com/1104129 | self |
| https://bugzilla.suse.com/1126068 | self |
| https://bugzilla.suse.com/1126069 | self |
| https://bugzilla.suse.com/1133185 | self |
| https://www.suse.com/security/cve/CVE-2018-5740/ | self |
| https://www.suse.com/security/cve/CVE-2018-5743/ | self |
| https://www.suse.com/security/cve/CVE-2018-5745/ | self |
| https://www.suse.com/security/cve/CVE-2019-6465/ | self |
| https://www.suse.com/security/cve/CVE-2018-5740 | external |
| https://bugzilla.suse.com/1104129 | external |
| https://bugzilla.suse.com/1141730 | external |
| https://bugzilla.suse.com/1148887 | external |
| https://bugzilla.suse.com/1177790 | external |
| https://www.suse.com/security/cve/CVE-2018-5743 | external |
| https://bugzilla.suse.com/1133185 | external |
| https://bugzilla.suse.com/1148887 | external |
| https://bugzilla.suse.com/1157051 | external |
| https://www.suse.com/security/cve/CVE-2018-5745 | external |
| https://bugzilla.suse.com/1126068 | external |
| https://bugzilla.suse.com/1141730 | external |
| https://bugzilla.suse.com/1148887 | external |
| https://bugzilla.suse.com/1177790 | external |
| https://www.suse.com/security/cve/CVE-2019-6465 | external |
| https://bugzilla.suse.com/1126069 | external |
| https://bugzilla.suse.com/1141730 | external |
| https://bugzilla.suse.com/1148887 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for bind",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for bind fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-6465: Fixed an issue where controls for zone transfers may not be properly applied to Dynamically Loadable Zones (bsc#1126069).\n- CVE-2018-5745: Fixed a denial of service vulnerability if a trust anchor rolls over to an unsupported key algorithm when using managed-keys (bsc#1126068).\n- CVE-2018-5743: Fixed a denial of service vulnerability which could be caused by to many simultaneous TCP connections (bsc#1133185).\n- CVE-2018-5740: Fixed a denial of service vulnerability in the \u0027deny-answer-aliases\u0027 feature (bsc#1104129).\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-1533",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_1533-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:1533-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DP6CCQYSAQ2GWBMKJAVZIUX7ZUNRET73/#DP6CCQYSAQ2GWBMKJAVZIUX7ZUNRET73"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:1533-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DP6CCQYSAQ2GWBMKJAVZIUX7ZUNRET73/#DP6CCQYSAQ2GWBMKJAVZIUX7ZUNRET73"
},
{
"category": "self",
"summary": "SUSE Bug 1104129",
"url": "https://bugzilla.suse.com/1104129"
},
{
"category": "self",
"summary": "SUSE Bug 1126068",
"url": "https://bugzilla.suse.com/1126068"
},
{
"category": "self",
"summary": "SUSE Bug 1126069",
"url": "https://bugzilla.suse.com/1126069"
},
{
"category": "self",
"summary": "SUSE Bug 1133185",
"url": "https://bugzilla.suse.com/1133185"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5740 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5743 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-5745 page",
"url": "https://www.suse.com/security/cve/CVE-2018-5745/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6465 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6465/"
}
],
"title": "Security update for bind",
"tracking": {
"current_release_date": "2019-06-10T09:32:04Z",
"generator": {
"date": "2019-06-10T09:32:04Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:1533-1",
"initial_release_date": "2019-06-10T09:32:04Z",
"revision_history": [
{
"date": "2019-06-10T09:32:04Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "bind-9.11.2-lp151.11.3.1.i586",
"product": {
"name": "bind-9.11.2-lp151.11.3.1.i586",
"product_id": "bind-9.11.2-lp151.11.3.1.i586"
}
},
{
"category": "product_version",
"name": "bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"product": {
"name": "bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"product_id": "bind-chrootenv-9.11.2-lp151.11.3.1.i586"
}
},
{
"category": "product_version",
"name": "bind-devel-9.11.2-lp151.11.3.1.i586",
"product": {
"name": "bind-devel-9.11.2-lp151.11.3.1.i586",
"product_id": "bind-devel-9.11.2-lp151.11.3.1.i586"
}
},
{
"category": "product_version",
"name": "bind-lwresd-9.11.2-lp151.11.3.1.i586",
"product": {
"name": "bind-lwresd-9.11.2-lp151.11.3.1.i586",
"product_id": "bind-lwresd-9.11.2-lp151.11.3.1.i586"
}
},
{
"category": "product_version",
"name": "bind-utils-9.11.2-lp151.11.3.1.i586",
"product": {
"name": "bind-utils-9.11.2-lp151.11.3.1.i586",
"product_id": "bind-utils-9.11.2-lp151.11.3.1.i586"
}
},
{
"category": "product_version",
"name": "libbind9-160-9.11.2-lp151.11.3.1.i586",
"product": {
"name": "libbind9-160-9.11.2-lp151.11.3.1.i586",
"product_id": "libbind9-160-9.11.2-lp151.11.3.1.i586"
}
},
{
"category": "product_version",
"name": "libdns169-9.11.2-lp151.11.3.1.i586",
"product": {
"name": "libdns169-9.11.2-lp151.11.3.1.i586",
"product_id": "libdns169-9.11.2-lp151.11.3.1.i586"
}
},
{
"category": "product_version",
"name": "libirs-devel-9.11.2-lp151.11.3.1.i586",
"product": {
"name": "libirs-devel-9.11.2-lp151.11.3.1.i586",
"product_id": "libirs-devel-9.11.2-lp151.11.3.1.i586"
}
},
{
"category": "product_version",
"name": "libirs160-9.11.2-lp151.11.3.1.i586",
"product": {
"name": "libirs160-9.11.2-lp151.11.3.1.i586",
"product_id": "libirs160-9.11.2-lp151.11.3.1.i586"
}
},
{
"category": "product_version",
"name": "libisc166-9.11.2-lp151.11.3.1.i586",
"product": {
"name": "libisc166-9.11.2-lp151.11.3.1.i586",
"product_id": "libisc166-9.11.2-lp151.11.3.1.i586"
}
},
{
"category": "product_version",
"name": "libisccc160-9.11.2-lp151.11.3.1.i586",
"product": {
"name": "libisccc160-9.11.2-lp151.11.3.1.i586",
"product_id": "libisccc160-9.11.2-lp151.11.3.1.i586"
}
},
{
"category": "product_version",
"name": "libisccfg160-9.11.2-lp151.11.3.1.i586",
"product": {
"name": "libisccfg160-9.11.2-lp151.11.3.1.i586",
"product_id": "libisccfg160-9.11.2-lp151.11.3.1.i586"
}
},
{
"category": "product_version",
"name": "liblwres160-9.11.2-lp151.11.3.1.i586",
"product": {
"name": "liblwres160-9.11.2-lp151.11.3.1.i586",
"product_id": "liblwres160-9.11.2-lp151.11.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-doc-9.11.2-lp151.11.3.1.noarch",
"product": {
"name": "bind-doc-9.11.2-lp151.11.3.1.noarch",
"product_id": "bind-doc-9.11.2-lp151.11.3.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-bind-9.11.2-lp151.11.3.1.noarch",
"product": {
"name": "python3-bind-9.11.2-lp151.11.3.1.noarch",
"product_id": "python3-bind-9.11.2-lp151.11.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "bind-9.11.2-lp151.11.3.1.x86_64",
"product": {
"name": "bind-9.11.2-lp151.11.3.1.x86_64",
"product_id": "bind-9.11.2-lp151.11.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"product": {
"name": "bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"product_id": "bind-chrootenv-9.11.2-lp151.11.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "bind-devel-9.11.2-lp151.11.3.1.x86_64",
"product": {
"name": "bind-devel-9.11.2-lp151.11.3.1.x86_64",
"product_id": "bind-devel-9.11.2-lp151.11.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"product": {
"name": "bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"product_id": "bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"product": {
"name": "bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"product_id": "bind-lwresd-9.11.2-lp151.11.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "bind-utils-9.11.2-lp151.11.3.1.x86_64",
"product": {
"name": "bind-utils-9.11.2-lp151.11.3.1.x86_64",
"product_id": "bind-utils-9.11.2-lp151.11.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"product": {
"name": "libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"product_id": "libbind9-160-9.11.2-lp151.11.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"product": {
"name": "libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"product_id": "libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libdns169-9.11.2-lp151.11.3.1.x86_64",
"product": {
"name": "libdns169-9.11.2-lp151.11.3.1.x86_64",
"product_id": "libdns169-9.11.2-lp151.11.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"product": {
"name": "libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"product_id": "libdns169-32bit-9.11.2-lp151.11.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"product": {
"name": "libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"product_id": "libirs-devel-9.11.2-lp151.11.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libirs160-9.11.2-lp151.11.3.1.x86_64",
"product": {
"name": "libirs160-9.11.2-lp151.11.3.1.x86_64",
"product_id": "libirs160-9.11.2-lp151.11.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"product": {
"name": "libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"product_id": "libirs160-32bit-9.11.2-lp151.11.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisc166-9.11.2-lp151.11.3.1.x86_64",
"product": {
"name": "libisc166-9.11.2-lp151.11.3.1.x86_64",
"product_id": "libisc166-9.11.2-lp151.11.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"product": {
"name": "libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"product_id": "libisc166-32bit-9.11.2-lp151.11.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisccc160-9.11.2-lp151.11.3.1.x86_64",
"product": {
"name": "libisccc160-9.11.2-lp151.11.3.1.x86_64",
"product_id": "libisccc160-9.11.2-lp151.11.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"product": {
"name": "libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"product_id": "libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"product": {
"name": "libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"product_id": "libisccfg160-9.11.2-lp151.11.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"product": {
"name": "libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"product_id": "libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "liblwres160-9.11.2-lp151.11.3.1.x86_64",
"product": {
"name": "liblwres160-9.11.2-lp151.11.3.1.x86_64",
"product_id": "liblwres160-9.11.2-lp151.11.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"product": {
"name": "liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"product_id": "liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.0",
"product": {
"name": "openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.0"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "bind-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "bind-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "bind-devel-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "bind-devel-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-doc-9.11.2-lp151.11.3.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:bind-doc-9.11.2-lp151.11.3.1.noarch"
},
"product_reference": "bind-doc-9.11.2-lp151.11.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-lwresd-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "bind-lwresd-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-lwresd-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "bind-utils-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "bind-utils-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-160-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "libbind9-160-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-160-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns169-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "libdns169-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns169-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libdns169-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns169-32bit-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "libirs-devel-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs160-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "libirs160-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs160-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libirs160-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs160-32bit-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc166-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "libisc166-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc166-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libisc166-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc166-32bit-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc160-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "libisccc160-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc160-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libisccc160-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg160-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "libisccfg160-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg160-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "liblwres160-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "liblwres160-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "liblwres160-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "liblwres160-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-bind-9.11.2-lp151.11.3.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:python3-bind-9.11.2-lp151.11.3.1.noarch"
},
"product_reference": "python3-bind-9.11.2-lp151.11.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "bind-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "bind-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-chrootenv-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "bind-devel-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "bind-devel-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-doc-9.11.2-lp151.11.3.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:bind-doc-9.11.2-lp151.11.3.1.noarch"
},
"product_reference": "bind-doc-9.11.2-lp151.11.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-lwresd-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "bind-lwresd-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-lwresd-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "bind-utils-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bind-utils-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "bind-utils-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-160-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "libbind9-160-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-160-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns169-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "libdns169-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns169-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libdns169-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libdns169-32bit-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "libirs-devel-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs-devel-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs160-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "libirs160-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs160-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libirs160-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libirs160-32bit-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc166-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "libisc166-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc166-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libisc166-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisc166-32bit-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc160-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "libisccc160-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc160-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libisccc160-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg160-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "libisccfg160-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg160-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "liblwres160-9.11.2-lp151.11.3.1.i586 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.i586"
},
"product_reference": "liblwres160-9.11.2-lp151.11.3.1.i586",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "liblwres160-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "liblwres160-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64"
},
"product_reference": "liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-bind-9.11.2-lp151.11.3.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:python3-bind-9.11.2-lp151.11.3.1.noarch"
},
"product_reference": "python3-bind-9.11.2-lp151.11.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-5740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5740"
}
],
"notes": [
{
"category": "general",
"text": "\"deny-answer-aliases\" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0-\u003e9.8.8, 9.9.0-\u003e9.9.13, 9.10.0-\u003e9.10.8, 9.11.0-\u003e9.11.4, 9.12.0-\u003e9.12.2, 9.13.0-\u003e9.13.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:python3-bind-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.11.2-lp151.11.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5740",
"url": "https://www.suse.com/security/cve/CVE-2018-5740"
},
{
"category": "external",
"summary": "SUSE Bug 1104129 for CVE-2018-5740",
"url": "https://bugzilla.suse.com/1104129"
},
{
"category": "external",
"summary": "SUSE Bug 1141730 for CVE-2018-5740",
"url": "https://bugzilla.suse.com/1141730"
},
{
"category": "external",
"summary": "SUSE Bug 1148887 for CVE-2018-5740",
"url": "https://bugzilla.suse.com/1148887"
},
{
"category": "external",
"summary": "SUSE Bug 1177790 for CVE-2018-5740",
"url": "https://bugzilla.suse.com/1177790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:python3-bind-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.11.2-lp151.11.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:python3-bind-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.11.2-lp151.11.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-10T09:32:04Z",
"details": "important"
}
],
"title": "CVE-2018-5740"
},
{
"cve": "CVE-2018-5743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5743"
}
],
"notes": [
{
"category": "general",
"text": "By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -\u003e 9.10.8-P1, 9.11.0 -\u003e 9.11.6, 9.12.0 -\u003e 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -\u003e 9.11.5-S3, and 9.11.5-S5. Versions 9.13.0 -\u003e 9.13.7 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5743.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:python3-bind-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.11.2-lp151.11.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5743",
"url": "https://www.suse.com/security/cve/CVE-2018-5743"
},
{
"category": "external",
"summary": "SUSE Bug 1133185 for CVE-2018-5743",
"url": "https://bugzilla.suse.com/1133185"
},
{
"category": "external",
"summary": "SUSE Bug 1148887 for CVE-2018-5743",
"url": "https://bugzilla.suse.com/1148887"
},
{
"category": "external",
"summary": "SUSE Bug 1157051 for CVE-2018-5743",
"url": "https://bugzilla.suse.com/1157051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:python3-bind-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.11.2-lp151.11.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:python3-bind-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.11.2-lp151.11.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-10T09:32:04Z",
"details": "important"
}
],
"title": "CVE-2018-5743"
},
{
"cve": "CVE-2018-5745",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-5745"
}
],
"notes": [
{
"category": "general",
"text": "\"managed-keys\" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertion failure if, during key rollover, a trust anchor\u0027s keys are replaced with keys which use an unsupported algorithm. Versions affected: BIND 9.9.0 -\u003e 9.10.8-P1, 9.11.0 -\u003e 9.11.5-P1, 9.12.0 -\u003e 9.12.3-P1, and versions 9.9.3-S1 -\u003e 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -\u003e 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5745.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:python3-bind-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.11.2-lp151.11.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-5745",
"url": "https://www.suse.com/security/cve/CVE-2018-5745"
},
{
"category": "external",
"summary": "SUSE Bug 1126068 for CVE-2018-5745",
"url": "https://bugzilla.suse.com/1126068"
},
{
"category": "external",
"summary": "SUSE Bug 1141730 for CVE-2018-5745",
"url": "https://bugzilla.suse.com/1141730"
},
{
"category": "external",
"summary": "SUSE Bug 1148887 for CVE-2018-5745",
"url": "https://bugzilla.suse.com/1148887"
},
{
"category": "external",
"summary": "SUSE Bug 1177790 for CVE-2018-5745",
"url": "https://bugzilla.suse.com/1177790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:python3-bind-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.11.2-lp151.11.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:python3-bind-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.11.2-lp151.11.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-10T09:32:04Z",
"details": "moderate"
}
],
"title": "CVE-2018-5745"
},
{
"cve": "CVE-2019-6465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6465"
}
],
"notes": [
{
"category": "general",
"text": "Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -\u003e 9.10.8-P1, 9.11.0 -\u003e 9.11.5-P2, 9.12.0 -\u003e 9.12.3-P2, and versions 9.9.3-S1 -\u003e 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -\u003e 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:python3-bind-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.11.2-lp151.11.3.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6465",
"url": "https://www.suse.com/security/cve/CVE-2019-6465"
},
{
"category": "external",
"summary": "SUSE Bug 1126069 for CVE-2019-6465",
"url": "https://bugzilla.suse.com/1126069"
},
{
"category": "external",
"summary": "SUSE Bug 1141730 for CVE-2019-6465",
"url": "https://bugzilla.suse.com/1141730"
},
{
"category": "external",
"summary": "SUSE Bug 1148887 for CVE-2019-6465",
"url": "https://bugzilla.suse.com/1148887"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:python3-bind-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.11.2-lp151.11.3.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.0:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.0:python3-bind-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-chrootenv-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-doc-9.11.2-lp151.11.3.1.noarch",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-lwresd-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:bind-utils-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libbind9-160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libdns169-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs-devel-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libirs160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisc166-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccc160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:libisccfg160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-32bit-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.i586",
"openSUSE Leap 15.1:liblwres160-9.11.2-lp151.11.3.1.x86_64",
"openSUSE Leap 15.1:python3-bind-9.11.2-lp151.11.3.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-06-10T09:32:04Z",
"details": "moderate"
}
],
"title": "CVE-2019-6465"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…