|Category:||Denial of Service|
|Title:||ISC BIND DoS Vulnerability (CVE-2017-3137) - Linux|
|Summary:||ISC BIND is prone to a denial of service (DoS) vulnerability.|
ISC BIND is prone to a denial of service (DoS) vulnerability.
Mistaken assumptions about the ordering of records in the answer
section of a response containing CNAME or DNAME resource records could lead to a situation in
which named would exit with an assertion failure when processing a response in which records
occurred in an unusual order.
A server which is performing recursion can be forced to exit with
an assertion failure if it can be caused to receive a response containing CNAME or DNAME resource
records with certain ordering. An attacker can cause a denial of service by exploiting this
condition. Recursive resolvers are at highest risk, but authoritative servers are theoretically
vulnerable if they perform recursion.
BIND 9.9.9-P6, 9.9.10b1 through 9.9.10rc1, 9.10.4-P6, 9.10.5b1
through 9.10.5rc1, 9.11.0-P3, 9.11.1b1 through 9.11.1rc1 and 9.9.9-S8.
Update to version 9.9.9-P8, 9.9.10rc3, 9.10.4-P8, 9.10.5rc3,
9.11.0-P5, 9.11.1rc3, 9.9.9-S10 or later.
Common Vulnerability Exposure (CVE) ID: CVE-2017-3137|
BugTraq ID: 97651
Debian Security Information: DSA-3854 (Google Search)
RedHat Security Advisories: RHSA-2017:1095
RedHat Security Advisories: RHSA-2017:1105
RedHat Security Advisories: RHSA-2017:1582
RedHat Security Advisories: RHSA-2017:1583
|Copyright||Copyright (C) 2021 Greenbone Networks GmbH|
|This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.