var-201910-1646
Vulnerability from variot
By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -> 9.11.5-S3, and 9.11.5-S5. Versions 9.13.0 -> 9.13.7 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5743. ISC BIND 9 Contains the following multiple vulnerabilities: TCP The number of client connections is not limited as configured - CVE-2018-5743 nxdomain-redirect Due to lack of functions query.c In Assertion Failure Occurs - CVE-2019-6467 nxdomain-redirect Due to lack of functions Assertion Failure Occurs - CVE-2019-6468The expected impact depends on each vulnerability, but can be affected as follows: * By attacker named File descriptors will be depleted, adversely affecting network connectivity and log and zone journal file management - CVE-2018-5743 nxdomain-redirect If the function is enabled, an attacker may interfere with service operation (DoS) Attacked - CVE-2019-6467, CVE-2019-6468. ISC BIND is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. ISC BIND is a set of open source software developed by ISC Corporation in the United States that implements the DNS protocol. An attacker could exploit this vulnerability to run out of file descriptors, affecting network connections and file management. ISC.org has confirmed the vulnerability and released software updates. ========================================================================== Ubuntu Security Notice USN-3956-2 May 09, 2019
bind9 vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
Summary:
Bind could be made to consume resources if it received specially crafted network traffic. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 ESM: bind9 1:9.9.5.dfsg-3ubuntu0.19+esm1
Ubuntu 12.04 ESM: bind9 1:9.8.1.dfsg.P1-4ubuntu0.28
In general, a standard system update will make all the necessary changes.
CVE-2018-5745
The "managed-keys" feature was susceptible to denial of service by
triggering an assert.
CVE-2019-6465
ACLs for zone transfers were incorrectly enforced for dynamically
loadable zones (DLZs).
For the stable distribution (stretch), these problems have been fixed in version 1:9.10.3.dfsg.P4-12.3+deb9u5.
We recommend that you upgrade your bind9 packages.
For the detailed security status of bind9 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/bind9
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlzUio4ACgkQEMKTtsN8 Tjb1uw/+MdjOu171QHxImVOxln3m0yQUVlBq1LLq5JuiFgPffYu0lVUTujBGINia T6DUFWnO5Ct7I+B4LIEXTpAY7UYTaBnt8cWxkGqacDxwG21wanJ+EWgo9NtfNmfw s6Zh1rfBDkvDT1OsOcmw8nuisyvZsWvZrNP+2mzfCTSm7jaqVLp1MfJZDBmXPlAF VoPvAwDO/XjDxQDUcxwCxRu590pbHrS5Fdi+9IN81Vd/MaKwebsQ4MFtLE5J1miU nnzWDT7V8JbLFj4KzFn7ugLTVw4e/lLXK3h+Qsssxa5o0emNPRz21q6HqTeFB8sg pT4F7krQq1lbEI1viTqXChK4Slj6uEnagt0WOzoJ+SLpcY9pojoVabivFf3UNXg7 ceflAcb9jdm1M7KCYy34XCMMwrFiwr078NTj5+158qrXX/I7ydFTkJLCmDrqcKfP sF738m0XuhnPunycZk6SFZpoRi+bZlbs6oEXyBU3QgFKjz/qkgCdXUC0TO6wxAed QkeSksPO5/Hwegr/UYDnB77htWmOaXUllDlGicGseFWe0GoeYr0p8AWIUnb1cCa4 YwtNJzEqK0TrN73IWFQd6YJxMxNajRXItnuijxon6vtjCTu+/8ROujqfNz9EYJZ2 85aJ/noHLePNV4MBka0kSBapZRocrcNKjKX8QMDb8N1nEvjSl8k= =VAvv -----END PGP SIGNATURE----- .
Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/bind-9.11.6_P1-i586-1_slack14.2.txz: Upgraded. This update fixes a security issue: The TCP client quota set using the tcp-clients option could be exceeded in some cases. This could lead to exhaustion of file descriptors. For more information, see: https://kb.isc.org/docs/cve-2018-5743 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bind-9.11.6_P1-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bind-9.11.6_P1-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/bind-9.11.6_P1-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/bind-9.11.6_P1-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/bind-9.11.6_P1-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/bind-9.11.6_P1-x86_64-1_slack14.2.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.14.1-i586-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.14.1-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 14.0 package: d6835a3a22d339df9ca0afd5ab8561bc bind-9.11.6_P1-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: 892265f47674a12362bf821dab2cc9fa bind-9.11.6_P1-x86_64-1_slack14.0.txz
Slackware 14.1 package: 4c55681ae3fb61df7d1af3c92fc53db5 bind-9.11.6_P1-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 932435bf42a652149c5d7a68267696f1 bind-9.11.6_P1-x86_64-1_slack14.1.txz
Slackware 14.2 package: 65779b9f25e221aa3bb1726e331218d4 bind-9.11.6_P1-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: a6b8c6ea2b4abd53b9cb21a77ffc93b7 bind-9.11.6_P1-x86_64-1_slack14.2.txz
Slackware -current package: c1f720dd751a405a60b8e6b59dcb3279 n/bind-9.14.1-i586-1.txz
Slackware x86_64 -current package: 65a617602a5e83d626d1a7045f346cf4 n/bind-9.14.1-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg bind-9.11.6_P1-i586-1_slack14.2.txz
Then, restart the name server:
/etc/rc.d/rc.bind restart
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: bind security update Advisory ID: RHSA-2019:1492-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:1492 Issue date: 2019-06-17 CVE Names: CVE-2018-5743 =====================================================================
- Summary:
An update for bind is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
- Description:
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.
Security Fix(es):
- bind: Limiting simultaneous TCP clients is ineffective (CVE-2018-5743)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the update, the BIND daemon (named) will be restarted automatically.
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: bind-9.8.2-0.68.rc1.el6_10.3.src.rpm
i386: bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-libs-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-utils-9.8.2-0.68.rc1.el6_10.3.i686.rpm
x86_64: bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-libs-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-libs-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-utils-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: bind-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-chroot-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-devel-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-sdb-9.8.2-0.68.rc1.el6_10.3.i686.rpm
x86_64: bind-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-chroot-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-devel-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-devel-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-sdb-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: bind-9.8.2-0.68.rc1.el6_10.3.src.rpm
x86_64: bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-libs-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-libs-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-utils-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
x86_64: bind-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-chroot-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-devel-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-devel-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-sdb-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: bind-9.8.2-0.68.rc1.el6_10.3.src.rpm
i386: bind-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-chroot-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-libs-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-utils-9.8.2-0.68.rc1.el6_10.3.i686.rpm
ppc64: bind-9.8.2-0.68.rc1.el6_10.3.ppc64.rpm bind-chroot-9.8.2-0.68.rc1.el6_10.3.ppc64.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.ppc.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.ppc64.rpm bind-libs-9.8.2-0.68.rc1.el6_10.3.ppc.rpm bind-libs-9.8.2-0.68.rc1.el6_10.3.ppc64.rpm bind-utils-9.8.2-0.68.rc1.el6_10.3.ppc64.rpm
s390x: bind-9.8.2-0.68.rc1.el6_10.3.s390x.rpm bind-chroot-9.8.2-0.68.rc1.el6_10.3.s390x.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.s390.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.s390x.rpm bind-libs-9.8.2-0.68.rc1.el6_10.3.s390.rpm bind-libs-9.8.2-0.68.rc1.el6_10.3.s390x.rpm bind-utils-9.8.2-0.68.rc1.el6_10.3.s390x.rpm
x86_64: bind-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-chroot-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-libs-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-libs-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-utils-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 6):
i386: bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-devel-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-sdb-9.8.2-0.68.rc1.el6_10.3.i686.rpm
ppc64: bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.ppc.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.ppc64.rpm bind-devel-9.8.2-0.68.rc1.el6_10.3.ppc.rpm bind-devel-9.8.2-0.68.rc1.el6_10.3.ppc64.rpm bind-sdb-9.8.2-0.68.rc1.el6_10.3.ppc64.rpm
s390x: bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.s390.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.s390x.rpm bind-devel-9.8.2-0.68.rc1.el6_10.3.s390.rpm bind-devel-9.8.2-0.68.rc1.el6_10.3.s390x.rpm bind-sdb-9.8.2-0.68.rc1.el6_10.3.s390x.rpm
x86_64: bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-devel-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-devel-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-sdb-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: bind-9.8.2-0.68.rc1.el6_10.3.src.rpm
i386: bind-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-chroot-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-libs-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-utils-9.8.2-0.68.rc1.el6_10.3.i686.rpm
x86_64: bind-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-chroot-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-libs-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-libs-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-utils-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 6):
i386: bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-devel-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-sdb-9.8.2-0.68.rc1.el6_10.3.i686.rpm
x86_64: bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-debuginfo-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-devel-9.8.2-0.68.rc1.el6_10.3.i686.rpm bind-devel-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm bind-sdb-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2018-5743 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXQeMRNzjgjWX9erEAQisPg//eldRl/IQMiih6PH05Hwn+4lIqnuqlYiD x7Cz8zj55QZd6UyzXI10dU9SkLNVAIHgl+56nutcLU0Q6H3Uv2OrC9aySTPIkJJF p/VXV/AlziJoKsHJKukd6+sPAAzWmzHLNxBQkYQ1dy2b2apVtphUBvjFVE3xlRbB +P2QtSYlb/iSPzIb3Ib1j8xcZOB2YPoZN9ss98fqqIq1+7svw6kJ6hugU2pk1t/d mtRlXToV6Sefw0sc3yD6Oj3rAjR/d1udhMKj5fpD+JJTIlBvXBCa95wBlc2VBNzp c/11d8pwkgbHyz4eLyoWCHjWqpdBdD9RMSo48YfsX9juuACsiVawZ3Ui8W1cmLq6 dyGeIk4i/PsRJwO2PNBuAMNF871rcjI7ngAUbKbT4r9qGCxz1rzC/rW47hHuDsM4 /SM7S6SHWBLT90AFhxH2kgbBt9sKIYxGdBgKSIzfkNyEJwc75Evc9oEAy1UtLMFN EytT3crdPbC0xIxmUiqUhlWnU2l/gpBETpxb1djIBHi6H7XwuUfJqmC6sKVARrDO F/to4y5KvzFZ1zJImN0c+RaW3/368BWJwI9XvDB1II78TMsoAdrvk57+nuSz/jtR +/3TwX+CeWX7dLyYZs9hjrd1oNbILwPFxpIlTJ2igxybngAw1fXkCjkJYdpqWGbY dv6b3SGk4E8= =p9yK -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201910-1646",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.11.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.10.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.3,
"vendor": "isc",
"version": "9.9.3"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.1"
},
{
"model": "big-ip link controller",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "big-iq centralized management",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "5.4.0"
},
{
"model": "iworkflow",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "2.3.0"
},
{
"model": "big-ip webaccelerator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.12.0"
},
{
"model": "bind",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "9.13.7"
},
{
"model": "big-ip webaccelerator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "big-ip edge gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.4"
},
{
"model": "big-ip local traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.1"
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "big-ip edge gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip application security manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.4"
},
{
"model": "big-ip webaccelerator",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.1"
},
{
"model": "big-ip edge gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "big-iq centralized management",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "6.1.0"
},
{
"model": "big-ip local traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "big-ip application security manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "big-ip advanced firewall manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.4"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip fraud protection service",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.13.0"
},
{
"model": "big-iq centralized management",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "5.0.0"
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "big-ip application security manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.1"
},
{
"model": "big-ip webaccelerator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip fraud protection service",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip global traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "enterprise manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "3.1.1"
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "big-ip webaccelerator",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.1"
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "big-ip domain name system",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.1"
},
{
"model": "big-ip policy enforcement manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip link controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.1"
},
{
"model": "big-ip application acceleration manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip fraud protection service",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.1"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "big-ip domain name system",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "big-ip fraud protection service",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip link controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "big-ip analytics",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.1"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip edge gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.4"
},
{
"model": "big-ip application acceleration manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.4"
},
{
"model": "big-ip local traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip application security manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip edge gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "big-ip analytics",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "bind",
"scope": "gte",
"trust": 1.0,
"vendor": "isc",
"version": "9.11.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "big-ip global traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.4"
},
{
"model": "big-ip advanced firewall manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip domain name system",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip webaccelerator",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "big-ip local traffic manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.4"
},
{
"model": "big-ip edge gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.1"
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip fraud protection service",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "big-ip application security manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.1"
},
{
"model": "big-ip fraud protection service",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "big-ip edge gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip access policy manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.4"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "big-ip access policy manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "bind",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "9.11.6"
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "bind",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "9.12.4"
},
{
"model": "big-ip domain name system",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip advanced firewall manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.1"
},
{
"model": "big-ip link controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.0"
},
{
"model": "big-ip webaccelerator",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "14.0.0"
},
{
"model": "bind",
"scope": "lte",
"trust": 1.0,
"vendor": "isc",
"version": "9.10.8"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "big-ip domain name system",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip analytics",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "14.1.0"
},
{
"model": "big-ip analytics",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "big-ip webaccelerator",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.4"
},
{
"model": "big-ip link controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip domain name system",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.4"
},
{
"model": "big-ip local traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip link controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.4"
},
{
"model": "big-ip fraud protection service",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.4"
},
{
"model": "big-ip webaccelerator",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "big-ip fraud protection service",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip policy enforcement manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.0"
},
{
"model": "big-ip edge gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "big-ip edge gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-iq centralized management",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "6.0.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 1.0,
"vendor": "isc",
"version": "9.14.0"
},
{
"model": "big-ip local traffic manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "big-ip fraud protection service",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "11.6.5"
},
{
"model": "big-ip analytics",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "12.1.4"
},
{
"model": "big-ip application security manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "13.0.0"
},
{
"model": "big-ip application acceleration manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip analytics",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "big-ip access policy manager",
"scope": "eq",
"trust": 1.0,
"vendor": "f5",
"version": "15.0.0"
},
{
"model": "big-ip policy enforcement manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.1"
},
{
"model": "big-ip application acceleration manager",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "13.1.1"
},
{
"model": "big-ip global traffic manager",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "11.5.2"
},
{
"model": "bind",
"scope": null,
"trust": 0.8,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.14"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.12.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.12.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.12.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.12.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.12"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.11.6"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.11.4"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.11.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.11.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.11.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.10.7"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.10.6"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.10.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.10.3"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.10.2"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.13"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.11"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.10"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.8"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.7"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.5"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.4"
},
{
"model": "bind 9.9.9-s9",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.9-s8",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.9-s7",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.9-s6",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.9-s5",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.9-s4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.9-s3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.9-s2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.9-s10",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.9-s1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.9-p8",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.9-p7",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.9-p6",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.9-p5",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.9-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.9-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.9-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.9-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.8rc1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.8-s6",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.8-s5",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.8-s4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.8-s3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.8-s2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.8-s1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.8-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.8-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.8-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.8-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.7-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.7-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.7-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.7"
},
{
"model": "bind 9.9.6-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.6-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.6"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.6"
},
{
"model": "bind 9.9.4-p65",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.4-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.4-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.4"
},
{
"model": "bind 9.9.3-s1-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.3-s1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.3-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.3-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.3-b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.3"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.3"
},
{
"model": "bind p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.3"
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.3"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.3"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.3"
},
{
"model": "bind 9.9.2-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.2-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.2"
},
{
"model": "bind 9.9.13-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.11-s2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.11-s1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.11-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.10rc3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.10rc2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.10rc1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.10b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.10-s3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.10-s2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.10-s1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.10-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.10-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.1-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.1-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.1-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.9.1-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind p2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.1"
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.1"
},
{
"model": "bind rc4",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "bind rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "bind rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "bind b2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "bind a3",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "bind a2",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "bind a1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.9.0"
},
{
"model": "bind 9.12.3-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.12.3-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.12.3-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.12.2-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.12.2-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.12.1-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.12.1-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.12.0rc2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.12.0rc1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.12.0a1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.6-s1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.5-s6",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.5-s5",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.5-s3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.5-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.5-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.5-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.4-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.4-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.2-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.1rc3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.1rc2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.1rc1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.1b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.1-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.1-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.0rc3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.0rc1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.0b2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.0b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.0a3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.0-p5",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.0-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.0-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.0-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.0-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.11.0"
},
{
"model": "bind 9.10.7-s1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.6-s3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.6-s2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.6-s1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.6-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.5rc3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.5rc2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.5rc1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.5b1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.5-s4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.5-s3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.5-s2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.5-s1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.5-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.5-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.4-p8",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.4-p7",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.4-p6",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.4-p5",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.4-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.4-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.4-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.4-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.3rc1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.3-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.3-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.3-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.3-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.2-p4",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.2-p3",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.2-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.10.2"
},
{
"model": "bind b1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.10.2"
},
{
"model": "bind 9.10.1-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.1-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind p1",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.10.1"
},
{
"model": "bind",
"scope": "eq",
"trust": 0.3,
"vendor": "isc",
"version": "9.10.1"
},
{
"model": "bind 9.10.0-p2",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.10.0-p1",
"scope": null,
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": "9.14.1"
},
{
"model": "bind 9.12.4-p1",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
},
{
"model": "bind 9.11.6-p1",
"scope": "ne",
"trust": 0.3,
"vendor": "isc",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "108077"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002957"
},
{
"db": "NVD",
"id": "CVE-2018-5743"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:isc:bind",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002957"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "108077"
}
],
"trust": 0.3
},
"cve": "CVE-2018-5743",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Complete",
"baseScore": 7.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2019-002957",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 1.6,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "CVE-2018-5743",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "JPCERT/CC",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-002957",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-135775",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "JPCERT/CC",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2019-002957",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 1.6,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2018-5743",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "security-officer@isc.org",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2018-5743",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2019-002957",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "JPCERT/CC",
"id": "JVNDB-2019-002957",
"trust": 1.6,
"value": "Medium"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2018-5743",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "security-officer@isc.org",
"id": "CVE-2018-5743",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "IPA",
"id": "JVNDB-2019-002957",
"trust": 0.8,
"value": "High"
},
{
"author": "VULHUB",
"id": "VHN-135775",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-5743",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135775"
},
{
"db": "VULMON",
"id": "CVE-2018-5743"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002957"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002957"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002957"
},
{
"db": "NVD",
"id": "CVE-2018-5743"
},
{
"db": "NVD",
"id": "CVE-2018-5743"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -\u003e 9.10.8-P1, 9.11.0 -\u003e 9.11.6, 9.12.0 -\u003e 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -\u003e 9.11.5-S3, and 9.11.5-S5. Versions 9.13.0 -\u003e 9.13.7 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5743. ISC BIND 9 Contains the following multiple vulnerabilities: *TCP The number of client connections is not limited as configured - CVE-2018-5743 *nxdomain-redirect Due to lack of functions query.c In Assertion Failure Occurs - CVE-2019-6467 *nxdomain-redirect Due to lack of functions Assertion Failure Occurs - CVE-2019-6468The expected impact depends on each vulnerability, but can be affected as follows: * By attacker named File descriptors will be depleted, adversely affecting network connectivity and log and zone journal file management - CVE-2018-5743 *nxdomain-redirect If the function is enabled, an attacker may interfere with service operation (DoS) Attacked - CVE-2019-6467, CVE-2019-6468. ISC BIND is prone to a remote denial-of-service vulnerability. \nAn attacker can exploit this issue to cause a denial-of-service condition. ISC BIND is a set of open source software developed by ISC Corporation in the United States that implements the DNS protocol. An attacker could exploit this vulnerability to run out of file descriptors, affecting network connections and file management. \nISC.org has confirmed the vulnerability and released software updates. ==========================================================================\nUbuntu Security Notice USN-3956-2\nMay 09, 2019\n\nbind9 vulnerability\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 ESM\n- Ubuntu 12.04 ESM\n\nSummary:\n\nBind could be made to consume resources if it received specially\ncrafted network traffic. This update provides\nthe corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. A remote attacker could possibly use this\n issue to cause Bind to consume resources, leading to a denial of\n service. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 ESM:\n bind9 1:9.9.5.dfsg-3ubuntu0.19+esm1\n\nUbuntu 12.04 ESM:\n bind9 1:9.8.1.dfsg.P1-4ubuntu0.28\n\nIn general, a standard system update will make all the necessary\nchanges. \n\nCVE-2018-5745\n\n The \"managed-keys\" feature was susceptible to denial of service by\n triggering an assert. \n\nCVE-2019-6465\n\n ACLs for zone transfers were incorrectly enforced for dynamically\n loadable zones (DLZs). \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 1:9.10.3.dfsg.P4-12.3+deb9u5. \n\nWe recommend that you upgrade your bind9 packages. \n\nFor the detailed security status of bind9 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/bind9\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlzUio4ACgkQEMKTtsN8\nTjb1uw/+MdjOu171QHxImVOxln3m0yQUVlBq1LLq5JuiFgPffYu0lVUTujBGINia\nT6DUFWnO5Ct7I+B4LIEXTpAY7UYTaBnt8cWxkGqacDxwG21wanJ+EWgo9NtfNmfw\ns6Zh1rfBDkvDT1OsOcmw8nuisyvZsWvZrNP+2mzfCTSm7jaqVLp1MfJZDBmXPlAF\nVoPvAwDO/XjDxQDUcxwCxRu590pbHrS5Fdi+9IN81Vd/MaKwebsQ4MFtLE5J1miU\nnnzWDT7V8JbLFj4KzFn7ugLTVw4e/lLXK3h+Qsssxa5o0emNPRz21q6HqTeFB8sg\npT4F7krQq1lbEI1viTqXChK4Slj6uEnagt0WOzoJ+SLpcY9pojoVabivFf3UNXg7\nceflAcb9jdm1M7KCYy34XCMMwrFiwr078NTj5+158qrXX/I7ydFTkJLCmDrqcKfP\nsF738m0XuhnPunycZk6SFZpoRi+bZlbs6oEXyBU3QgFKjz/qkgCdXUC0TO6wxAed\nQkeSksPO5/Hwegr/UYDnB77htWmOaXUllDlGicGseFWe0GoeYr0p8AWIUnb1cCa4\nYwtNJzEqK0TrN73IWFQd6YJxMxNajRXItnuijxon6vtjCTu+/8ROujqfNz9EYJZ2\n85aJ/noHLePNV4MBka0kSBapZRocrcNKjKX8QMDb8N1nEvjSl8k=\n=VAvv\n-----END PGP SIGNATURE-----\n. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/bind-9.11.6_P1-i586-1_slack14.2.txz: Upgraded. \n This update fixes a security issue:\n The TCP client quota set using the tcp-clients option could be exceeded\n in some cases. This could lead to exhaustion of file descriptors. \n For more information, see:\n https://kb.isc.org/docs/cve-2018-5743\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bind-9.11.6_P1-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bind-9.11.6_P1-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/bind-9.11.6_P1-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/bind-9.11.6_P1-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/bind-9.11.6_P1-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/bind-9.11.6_P1-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.14.1-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.14.1-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\nd6835a3a22d339df9ca0afd5ab8561bc bind-9.11.6_P1-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n892265f47674a12362bf821dab2cc9fa bind-9.11.6_P1-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n4c55681ae3fb61df7d1af3c92fc53db5 bind-9.11.6_P1-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n932435bf42a652149c5d7a68267696f1 bind-9.11.6_P1-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\n65779b9f25e221aa3bb1726e331218d4 bind-9.11.6_P1-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\na6b8c6ea2b4abd53b9cb21a77ffc93b7 bind-9.11.6_P1-x86_64-1_slack14.2.txz\n\nSlackware -current package:\nc1f720dd751a405a60b8e6b59dcb3279 n/bind-9.14.1-i586-1.txz\n\nSlackware x86_64 -current package:\n65a617602a5e83d626d1a7045f346cf4 n/bind-9.14.1-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg bind-9.11.6_P1-i586-1_slack14.2.txz\n\nThen, restart the name server:\n\n# /etc/rc.d/rc.bind restart\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: bind security update\nAdvisory ID: RHSA-2019:1492-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2019:1492\nIssue date: 2019-06-17\nCVE Names: CVE-2018-5743 \n=====================================================================\n\n1. Summary:\n\nAn update for bind is now available for Red Hat Enterprise Linux 6. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64\n\n3. Description:\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly. \n\nSecurity Fix(es):\n\n* bind: Limiting simultaneous TCP clients is ineffective (CVE-2018-5743)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically. \n\n5. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nbind-9.8.2-0.68.rc1.el6_10.3.src.rpm\n\ni386:\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-utils-9.8.2-0.68.rc1.el6_10.3.i686.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-utils-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nbind-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-chroot-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-sdb-9.8.2-0.68.rc1.el6_10.3.i686.rpm\n\nx86_64:\nbind-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-chroot-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-sdb-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nbind-9.8.2-0.68.rc1.el6_10.3.src.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-utils-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nx86_64:\nbind-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-chroot-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-sdb-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nbind-9.8.2-0.68.rc1.el6_10.3.src.rpm\n\ni386:\nbind-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-chroot-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-utils-9.8.2-0.68.rc1.el6_10.3.i686.rpm\n\nppc64:\nbind-9.8.2-0.68.rc1.el6_10.3.ppc64.rpm\nbind-chroot-9.8.2-0.68.rc1.el6_10.3.ppc64.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.ppc.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.ppc64.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.3.ppc.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.3.ppc64.rpm\nbind-utils-9.8.2-0.68.rc1.el6_10.3.ppc64.rpm\n\ns390x:\nbind-9.8.2-0.68.rc1.el6_10.3.s390x.rpm\nbind-chroot-9.8.2-0.68.rc1.el6_10.3.s390x.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.s390.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.s390x.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.3.s390.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.3.s390x.rpm\nbind-utils-9.8.2-0.68.rc1.el6_10.3.s390x.rpm\n\nx86_64:\nbind-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-chroot-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-utils-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 6):\n\ni386:\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-sdb-9.8.2-0.68.rc1.el6_10.3.i686.rpm\n\nppc64:\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.ppc.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.ppc64.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.3.ppc.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.3.ppc64.rpm\nbind-sdb-9.8.2-0.68.rc1.el6_10.3.ppc64.rpm\n\ns390x:\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.s390.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.s390x.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.3.s390.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.3.s390x.rpm\nbind-sdb-9.8.2-0.68.rc1.el6_10.3.s390x.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-sdb-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nbind-9.8.2-0.68.rc1.el6_10.3.src.rpm\n\ni386:\nbind-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-chroot-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-utils-9.8.2-0.68.rc1.el6_10.3.i686.rpm\n\nx86_64:\nbind-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-chroot-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-libs-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-utils-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 6):\n\ni386:\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-sdb-9.8.2-0.68.rc1.el6_10.3.i686.rpm\n\nx86_64:\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-debuginfo-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.3.i686.rpm\nbind-devel-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\nbind-sdb-9.8.2-0.68.rc1.el6_10.3.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2018-5743\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXQeMRNzjgjWX9erEAQisPg//eldRl/IQMiih6PH05Hwn+4lIqnuqlYiD\nx7Cz8zj55QZd6UyzXI10dU9SkLNVAIHgl+56nutcLU0Q6H3Uv2OrC9aySTPIkJJF\np/VXV/AlziJoKsHJKukd6+sPAAzWmzHLNxBQkYQ1dy2b2apVtphUBvjFVE3xlRbB\n+P2QtSYlb/iSPzIb3Ib1j8xcZOB2YPoZN9ss98fqqIq1+7svw6kJ6hugU2pk1t/d\nmtRlXToV6Sefw0sc3yD6Oj3rAjR/d1udhMKj5fpD+JJTIlBvXBCa95wBlc2VBNzp\nc/11d8pwkgbHyz4eLyoWCHjWqpdBdD9RMSo48YfsX9juuACsiVawZ3Ui8W1cmLq6\ndyGeIk4i/PsRJwO2PNBuAMNF871rcjI7ngAUbKbT4r9qGCxz1rzC/rW47hHuDsM4\n/SM7S6SHWBLT90AFhxH2kgbBt9sKIYxGdBgKSIzfkNyEJwc75Evc9oEAy1UtLMFN\nEytT3crdPbC0xIxmUiqUhlWnU2l/gpBETpxb1djIBHi6H7XwuUfJqmC6sKVARrDO\nF/to4y5KvzFZ1zJImN0c+RaW3/368BWJwI9XvDB1II78TMsoAdrvk57+nuSz/jtR\n+/3TwX+CeWX7dLyYZs9hjrd1oNbILwPFxpIlTJ2igxybngAw1fXkCjkJYdpqWGbY\ndv6b3SGk4E8=\n=p9yK\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-5743"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002957"
},
{
"db": "BID",
"id": "108077"
},
{
"db": "VULHUB",
"id": "VHN-135775"
},
{
"db": "VULMON",
"id": "CVE-2018-5743"
},
{
"db": "PACKETSTORM",
"id": "152776"
},
{
"db": "PACKETSTORM",
"id": "152632"
},
{
"db": "PACKETSTORM",
"id": "152781"
},
{
"db": "PACKETSTORM",
"id": "152658"
},
{
"db": "PACKETSTORM",
"id": "153311"
},
{
"db": "PACKETSTORM",
"id": "154767"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-5743",
"trust": 2.9
},
{
"db": "JVN",
"id": "JVNVU99876126",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002957",
"trust": 0.8
},
{
"db": "BID",
"id": "108077",
"trust": 0.4
},
{
"db": "PACKETSTORM",
"id": "152658",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "152632",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "152776",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "154767",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "153311",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "152781",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "154423",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152820",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "153130",
"trust": 0.1
},
{
"db": "CNNVD",
"id": "CNNVD-201904-1155",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-135775",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-5743",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135775"
},
{
"db": "VULMON",
"id": "CVE-2018-5743"
},
{
"db": "BID",
"id": "108077"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002957"
},
{
"db": "PACKETSTORM",
"id": "152776"
},
{
"db": "PACKETSTORM",
"id": "152632"
},
{
"db": "PACKETSTORM",
"id": "152781"
},
{
"db": "PACKETSTORM",
"id": "152658"
},
{
"db": "PACKETSTORM",
"id": "153311"
},
{
"db": "PACKETSTORM",
"id": "154767"
},
{
"db": "NVD",
"id": "CVE-2018-5743"
}
]
},
"id": "VAR-201910-1646",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-135775"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-29T22:24:30.483000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CVE-2018-5743: Limiting simultaneous TCP clients is ineffective",
"trust": 0.8,
"url": "https://kb.isc.org/docs/cve-2018-5743"
},
{
"title": "CVE-2019-6467: An error in the nxdomain redirect feature can cause BIND to exit with an INSIST assertion failure in query.c",
"trust": 0.8,
"url": "https://kb.isc.org/docs/cve-2019-6467"
},
{
"title": "CVE-2019-6468: BIND Supported Preview Edition can exit with an assertion failure if nxdomain-redirect is used",
"trust": 0.8,
"url": "https://kb.isc.org/docs/cve-2019-6468"
},
{
"title": "Red Hat: Important: bind security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20192977 - Security Advisory"
},
{
"title": "Red Hat: Important: bind security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191145 - Security Advisory"
},
{
"title": "Red Hat: Important: bind security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191492 - Security Advisory"
},
{
"title": "Red Hat: Important: bind security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20192698 - Security Advisory"
},
{
"title": "Red Hat: Important: bind security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20191294 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: bind9 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3956-1"
},
{
"title": "Ubuntu Security Notice: bind9 vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3956-2"
},
{
"title": "Amazon Linux AMI: ALAS-2019-1244",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2019-1244"
},
{
"title": "Debian CVElist Bug Report Logs: bind9: CVE-2018-5743: Limiting simultaneous TCP clients is ineffective",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=e2ecf48225c5d9f29642d90d21e50774"
},
{
"title": "Debian Security Advisories: DSA-4440-1 bind9 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=544b2821aec132995469d882acc6474f"
},
{
"title": "Red Hat: CVE-2018-5743",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2018-5743"
},
{
"title": "Debian CVElist Bug Report Logs: bind9: CVE-2019-6477: TCP-pipelined queries can bypass tcp-clients limit",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=247473d5aba8f01187166a35adfceab1"
},
{
"title": "IBM: IBM Security Bulletin: Vulnerability in BIND affects IBM Integrated Analytics System",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=a0d09a7ad8163b845aadbc6389d96936"
},
{
"title": "IBM: IBM Security Bulletin: A vulnerability in Open Source Bind affects IBM Netezza Host Management",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=24e164459efefe5589b2b05f26860c48"
},
{
"title": "Debian CVElist Bug Report Logs: bind9: CVE-2019-6465: Zone transfer controls for writable DLZ zones were not effective",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=4f0524147ca87a483fe85c94107ccc19"
},
{
"title": "Amazon Linux 2: ALAS2-2019-1231",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2019-1231"
},
{
"title": "Debian CVElist Bug Report Logs: bind9: CVE-2018-5745: An assertion failure can occur if a trust anchor rolls over to an unsupported key algorithm when using managed-keys",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=a62e24c826d0a13a259e9ab36c5d1073"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - July 2019",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=767e8ff3a913d6c9b177c63c24420933"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2019",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=b76ca4c2e9a0948d77d969fddc7b121b"
},
{
"title": "Forcepoint Security Advisories: CVE-2019-6477 (BIND)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=acfaaa68f2cd5ea533fe51483a0ff8e5"
},
{
"title": "IBM: IBM Security Bulletin: Vyatta 5600 vRouter Software Patches \u00e2\u20ac\u201c Release 1801-z",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=4ef3e54cc5cdc194f0526779f9480f89"
},
{
"title": "dnsonsen_advent_calendar",
"trust": 0.1,
"url": "https://github.com/sischkg/dnsonsen_advent_calender "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-5743"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002957"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-770",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135775"
},
{
"db": "NVD",
"id": "CVE-2018-5743"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.5,
"url": "https://kb.isc.org/docs/cve-2018-5743"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5743"
},
{
"trust": 1.1,
"url": "https://www.synology.com/security/advisory/synology_sa_19_20"
},
{
"trust": 1.0,
"url": "https://support.f5.com/csp/article/k74009656?utm_source=f5support\u0026amp%3butm_medium=rss"
},
{
"trust": 0.9,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5743"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6467"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6468"
},
{
"trust": 0.8,
"url": "https://www.jpcert.or.jp/at/2019/at190019.html"
},
{
"trust": 0.8,
"url": "https://jprs.jp/tech/security/2019-04-25-bind9-vuln-tcp-clients.html"
},
{
"trust": 0.8,
"url": "https://jprs.jp/tech/security/2019-04-25-bind9-vuln-nxdomain-redirect.html"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu99876126/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-6467"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-6468"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2018-5743"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1702541"
},
{
"trust": 0.3,
"url": "http://www.isc.org/products/bind/"
},
{
"trust": 0.2,
"url": "https://usn.ubuntu.com/usn/usn-3956-1"
},
{
"trust": 0.2,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.2,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.1,
"url": "https://support.f5.com/csp/article/k74009656?utm_source=f5support\u0026amp;amp;utm_medium=rss"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/usn/usn-3956-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.10.3.dfsg.p4-8ubuntu1.14"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.11.4+dfsg-3ubuntu5.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.11.5.p1+dfsg-1ubuntu2.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/bind9/1:9.11.3+dfsg-1ubuntu1.7"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-6465"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/bind9"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5745"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2019:1492"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2019:2977"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-135775"
},
{
"db": "BID",
"id": "108077"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002957"
},
{
"db": "PACKETSTORM",
"id": "152776"
},
{
"db": "PACKETSTORM",
"id": "152632"
},
{
"db": "PACKETSTORM",
"id": "152781"
},
{
"db": "PACKETSTORM",
"id": "152658"
},
{
"db": "PACKETSTORM",
"id": "153311"
},
{
"db": "PACKETSTORM",
"id": "154767"
},
{
"db": "NVD",
"id": "CVE-2018-5743"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-135775"
},
{
"db": "VULMON",
"id": "CVE-2018-5743"
},
{
"db": "BID",
"id": "108077"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002957"
},
{
"db": "PACKETSTORM",
"id": "152776"
},
{
"db": "PACKETSTORM",
"id": "152632"
},
{
"db": "PACKETSTORM",
"id": "152781"
},
{
"db": "PACKETSTORM",
"id": "152658"
},
{
"db": "PACKETSTORM",
"id": "153311"
},
{
"db": "PACKETSTORM",
"id": "154767"
},
{
"db": "NVD",
"id": "CVE-2018-5743"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-135775"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2018-5743"
},
{
"date": "2019-04-24T00:00:00",
"db": "BID",
"id": "108077"
},
{
"date": "2019-04-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002957"
},
{
"date": "2019-05-09T03:33:33",
"db": "PACKETSTORM",
"id": "152776"
},
{
"date": "2019-04-25T16:00:50",
"db": "PACKETSTORM",
"id": "152632"
},
{
"date": "2019-05-09T23:44:44",
"db": "PACKETSTORM",
"id": "152781"
},
{
"date": "2019-04-29T10:21:11",
"db": "PACKETSTORM",
"id": "152658"
},
{
"date": "2019-06-17T17:12:41",
"db": "PACKETSTORM",
"id": "153311"
},
{
"date": "2019-10-08T19:58:17",
"db": "PACKETSTORM",
"id": "154767"
},
{
"date": "2019-10-09T16:15:13.763000",
"db": "NVD",
"id": "CVE-2018-5743"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-12-18T00:00:00",
"db": "VULHUB",
"id": "VHN-135775"
},
{
"date": "2019-12-18T00:00:00",
"db": "VULMON",
"id": "CVE-2018-5743"
},
{
"date": "2019-04-24T00:00:00",
"db": "BID",
"id": "108077"
},
{
"date": "2019-12-02T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002957"
},
{
"date": "2024-11-21T04:09:17.967000",
"db": "NVD",
"id": "CVE-2018-5743"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "108077"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ISC BIND 9 Multiple vulnerabilities in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002957"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Failure to Handle Exceptional Conditions",
"sources": [
{
"db": "BID",
"id": "108077"
}
],
"trust": 0.3
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.