CVE-2018-5736
published 2019-01-16CVE-2018-5736: An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several…
medium5.3CVSS 3.0
AVNACHPRLUINSUCNINAH
An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. This defect could be deliberately exercised by an attacker who is permitted to cause a vulnerable server to initiate zone transfers (for example: by sending valid NOTIFY messages), causing the named process to exit after failing the assertion test. Affects BIND 9.12.0 and 9.12.1.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | bind9 | — | — |
| isc | bind | — | — |
| isc | bind | — | — |
| isc | bind | >= 0 < 9.12.1_p2-r0 | 9.12.1_p2-r0 |
| isc | bind | >= 0 < 9.12.1_p2-r0 | 9.12.1_p2-r0 |
| isc | bind | >= 0 < 9.12.1_p2-r0 | 9.12.1_p2-r0 |
| isc | bind | >= 0 < 9.12.1_p2-r0 | 9.12.1_p2-r0 |
| isc | bind | >= 0 < 9.12.1_p2-r0 | 9.12.1_p2-r0 |
| isc | bind | >= 0 < 9.12.1_p2-r0 | 9.12.1_p2-r0 |
| isc | bind | >= 0 < 9.12.1_p2-r0 | 9.12.1_p2-r0 |
| isc | bind | >= 0 < 9.12.1_p2-r0 | 9.12.1_p2-r0 |
| isc | bind | >= 0 < 9.12.1_p2-r0 | 9.12.1_p2-r0 |
| isc | bind | >= 0 < 9.12.1_p2-r0 | 9.12.1_p2-r0 |
| isc | bind | >= 0 < 9.12.1_p2-r0 | 9.12.1_p2-r0 |
| isc | bind | >= 0 < 9.12.1_p2-r0 | 9.12.1_p2-r0 |
| isc | bind | >= 0 < 9.12.1_p2-r0 | 9.12.1_p2-r0 |
| isc | bind | >= 0 < 9.12.1_p2-r0 | 9.12.1_p2-r0 |
| isc | bind | >= 0 < 9.12.1_p2-r0 | 9.12.1_p2-r0 |
| isc | bind | >= 0 < 9.12.1_p2-r0 | 9.12.1_p2-r0 |
CVSS provenance
nvdv3.05.3MEDIUMCVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
osv5.3MEDIUM