cnvd - cnvd-2017-00385

cnvd-2017-00385

Vulnerability from cnvd

Title: ISC BIND 9 db.c断言失败拒绝服务漏洞

Description:

BIND是一套开源的用于实现DNS协议的软件。

ISC BIND 9存在db.c断言失败拒绝服务漏洞。当权威服务器使用nxdomain-redirect功能覆盖区域，攻击者通过错误处理特定的查询可造成断言失败，导致拒绝服务。

Severity: 高

Patch Name: ISC BIND 9 db.c断言失败拒绝服务漏洞的补丁

Patch Description:

BIND是一套开源的用于实现DNS协议的软件。

ISC BIND 9存在db.c断言失败拒绝服务漏洞。当权威服务器使用nxdomain-redirect功能覆盖区域，攻击者通过错误处理特定的查询可造成断言失败，导致拒绝服务。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

用户可参考如下供应商提供的安全公告获得补丁信息： https://kb.isc.org/article/AA-01442/0

Reference: https://kb.isc.org/article/AA-01442/0

Impacted products

Name
['ISC, Inc. BIND 9.9.8-S1 -> 9.9.8-S3', 'ISC, Inc. BIND 9.9.9-S1 -> 9.9.9-S6', 'ISC, Inc. BIND 9.11.0-9.11.0 -> P1']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "95388"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-9778"
    }
  },
  "description": "BIND\u662f\u4e00\u5957\u5f00\u6e90\u7684\u7528\u4e8e\u5b9e\u73b0DNS\u534f\u8bae\u7684\u8f6f\u4ef6\u3002\r\n\r\nISC BIND 9\u5b58\u5728db.c\u65ad\u8a00\u5931\u8d25\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u5f53\u6743\u5a01\u670d\u52a1\u5668\u4f7f\u7528nxdomain-redirect\u529f\u80fd\u8986\u76d6\u533a\u57df\uff0c\u653b\u51fb\u8005\u901a\u8fc7\u9519\u8bef\u5904\u7406\u7279\u5b9a\u7684\u67e5\u8be2\u53ef\u9020\u6210\u65ad\u8a00\u5931\u8d25\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "ISC, Inc.",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://kb.isc.org/article/AA-01442/0",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-00385",
  "openTime": "2017-01-13",
  "patchDescription": "BIND\u662f\u4e00\u5957\u5f00\u6e90\u7684\u7528\u4e8e\u5b9e\u73b0DNS\u534f\u8bae\u7684\u8f6f\u4ef6\u3002\r\n\r\nISC BIND 9\u5b58\u5728db.c\u65ad\u8a00\u5931\u8d25\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u5f53\u6743\u5a01\u670d\u52a1\u5668\u4f7f\u7528nxdomain-redirect\u529f\u80fd\u8986\u76d6\u533a\u57df\uff0c\u653b\u51fb\u8005\u901a\u8fc7\u9519\u8bef\u5904\u7406\u7279\u5b9a\u7684\u67e5\u8be2\u53ef\u9020\u6210\u65ad\u8a00\u5931\u8d25\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "ISC BIND 9 db.c\u65ad\u8a00\u5931\u8d25\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "ISC, Inc. BIND 9.9.8-S1 -\u003e 9.9.8-S3",
      "ISC, Inc. BIND  9.9.9-S1 -\u003e 9.9.9-S6",
      "ISC, Inc. BIND  9.11.0-9.11.0 -\u003e P1"
    ]
  },
  "referenceLink": "https://kb.isc.org/article/AA-01442/0",
  "serverity": "\u9ad8",
  "submitTime": "2017-01-03",
  "title": "ISC BIND 9 db.c\u65ad\u8a00\u5931\u8d25\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

CVE-2016-9778 (GCVE-0-2016-9778)

Vulnerability from cvelistv5

Published

2019-01-16 20:00

Modified

2024-09-16 20:01

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

Only servers which are performing NXDOMAIN redirection using the "nxdomain-redirect" function are potentially vulnerable and then only a subset of those servers. In order to be affected a server must be using nxdomain-redirect AND must be redirecting NXDOMAIN responses for a zone for which the server also provides authoritative service -- therefore a purely recursive server is not at risk, either. Successful exploitation of the vulnerability will cause named to stop execution after encountering a REQUIRE assertion failure in db.c, resulting in denial of service to clients.

Summary

An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met the criteria for the vulnerability and if the attacker could cause it to accept a query that possessed the required attributes. Please note: This vulnerability affects the "nxdomain-redirect" feature, which is one of two methods of handling NXDOMAIN redirection, and is only available in certain versions of BIND. Redirection using zones of type "redirect" is not affected by this vulnerability. Affects BIND 9.9.8-S1 -> 9.9.8-S3, 9.9.9-S1 -> 9.9.9-S6, 9.11.0-9.11.0-P1.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1037582	vdb-entry, x_refsource_SECTRACK
	https://security.gentoo.org/glsa/201708-01	vendor-advisory, x_refsource_GENTOO
	https://security.netapp.com/advisory/ntap-20180926-0005/	x_refsource_CONFIRM
	https://kb.isc.org/article/AA-01442/	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/95388	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	ISC	BIND 9	Version: BIND 9 9.9.8-S1 -> 9.9.8-S3, 9.9.9-S1 -> 9.9.9-S6, 9.11.0-9.11.0-P1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:59:03.474Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1037582",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037582"
          },
          {
            "name": "GLSA-201708-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201708-01"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.isc.org/article/AA-01442/"
          },
          {
            "name": "95388",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95388"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "BIND 9",
          "vendor": "ISC",
          "versions": [
            {
              "status": "affected",
              "version": "BIND 9 9.9.8-S1 -\u003e 9.9.8-S3, 9.9.9-S1 -\u003e 9.9.9-S6, 9.11.0-9.11.0-P1"
            }
          ]
        }
      ],
      "datePublic": "2017-01-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met the criteria for the vulnerability and if the attacker could cause it to accept a query that possessed the required attributes. Please note: This vulnerability affects the \"nxdomain-redirect\" feature, which is one of two methods of handling NXDOMAIN redirection, and is only available in certain versions of BIND. Redirection using zones of type \"redirect\" is not affected by this vulnerability. Affects BIND 9.9.8-S1 -\u003e 9.9.8-S3, 9.9.9-S1 -\u003e 9.9.9-S6, 9.11.0-9.11.0-P1."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Only servers which are performing NXDOMAIN redirection using the \"nxdomain-redirect\" function are potentially vulnerable and then only a subset of those servers.  In order to be affected a server must be using nxdomain-redirect AND must be redirecting NXDOMAIN responses for a zone for which the server also provides authoritative service -- therefore a purely recursive server is not at risk, either.  Successful exploitation of the vulnerability will cause named to stop execution after encountering a REQUIRE assertion failure in db.c, resulting in denial of service to clients.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-01-17T10:57:01",
        "orgId": "404fd4d2-a609-4245-b543-2c944a302a22",
        "shortName": "isc"
      },
      "references": [
        {
          "name": "1037582",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037582"
        },
        {
          "name": "GLSA-201708-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201708-01"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.isc.org/article/AA-01442/"
        },
        {
          "name": "95388",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95388"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to the patched release most closely related to your current version of BIND. These can be downloaded from http://www.isc.org/downloads.\n\n    BIND 9 version 9.11.0-P2\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n    BIND 9.9.9-S7"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "An error handling certain queries using the nxdomain-redirect feature could cause a REQUIRE assertion failure in db.c",
      "workarounds": [
        {
          "lang": "en",
          "value": "Either provide an ordinary (that is: not redirected) NXDOMAIN for non-existent resource records in zones for which authoritative data is served on the same server or use redirect zones instead of the nxdomain-redirect feature."
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-officer@isc.org",
          "DATE_PUBLIC": "2017-01-11T00:00:00.000Z",
          "ID": "CVE-2016-9778",
          "STATE": "PUBLIC",
          "TITLE": "An error handling certain queries using the nxdomain-redirect feature could cause a REQUIRE assertion failure in db.c"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "BIND 9",
                      "version": {
                        "version_data": [
                          {
                            "version_name": "BIND 9",
                            "version_value": "9.9.8-S1 -\u003e 9.9.8-S3, 9.9.9-S1 -\u003e 9.9.9-S6, 9.11.0-9.11.0-P1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "ISC"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met the criteria for the vulnerability and if the attacker could cause it to accept a query that possessed the required attributes. Please note: This vulnerability affects the \"nxdomain-redirect\" feature, which is one of two methods of handling NXDOMAIN redirection, and is only available in certain versions of BIND. Redirection using zones of type \"redirect\" is not affected by this vulnerability. Affects BIND 9.9.8-S1 -\u003e 9.9.8-S3, 9.9.9-S1 -\u003e 9.9.9-S6, 9.11.0-9.11.0-P1."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Only servers which are performing NXDOMAIN redirection using the \"nxdomain-redirect\" function are potentially vulnerable and then only a subset of those servers.  In order to be affected a server must be using nxdomain-redirect AND must be redirecting NXDOMAIN responses for a zone for which the server also provides authoritative service -- therefore a purely recursive server is not at risk, either.  Successful exploitation of the vulnerability will cause named to stop execution after encountering a REQUIRE assertion failure in db.c, resulting in denial of service to clients."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1037582",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037582"
            },
            {
              "name": "GLSA-201708-01",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201708-01"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20180926-0005/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20180926-0005/"
            },
            {
              "name": "https://kb.isc.org/article/AA-01442/",
              "refsource": "CONFIRM",
              "url": "https://kb.isc.org/article/AA-01442/"
            },
            {
              "name": "95388",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95388"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Upgrade to the patched release most closely related to your current version of BIND. These can be downloaded from http://www.isc.org/downloads.\n\n    BIND 9 version 9.11.0-P2\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n    BIND 9.9.9-S7"
          }
        ],
        "source": {
          "discovery": "UNKNOWN"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "Either provide an ordinary (that is: not redirected) NXDOMAIN for non-existent resource records in zones for which authoritative data is served on the same server or use redirect zones instead of the nxdomain-redirect feature."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22",
    "assignerShortName": "isc",
    "cveId": "CVE-2016-9778",
    "datePublished": "2019-01-16T20:00:00Z",
    "dateReserved": "2016-12-02T00:00:00",
    "dateUpdated": "2024-09-16T20:01:47.192Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted