CVE-2018-5734

While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www.securityfocus.com/bid/103189	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1040438	Third Party Advisory VDB Entry
https://kb.isc.org/docs/aa-01562	Vendor Advisory
https://security.netapp.com/advisory/ntap-20180926-0005/	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:isc:bind:9.10.5:s1::::::
	cpe:2.3:a:isc:bind:9.10.5:s4::::::
	cpe:2.3:a:isc:bind:9.10.6:s1::::::
	cpe:2.3:a:isc:bind:9.10.6:s2::::::

Configuration 2 (hide)

OR	cpe:2.3:a:netapp:data_ontap_edge:-:::::::*
	cpe:2.3:a:netapp:solidfire_element_os_management_node:-:::::::*

History

No history.

Information

Published : 2019-01-16 20:29

Updated : 2024-02-04 20:03

NVD link : CVE-2018-5734

Mitre link : CVE-2018-5734

CVE.ORG link : CVE-2018-5734

JSON object : View

Products Affected

isc

bind

netapp

data_ontap_edge
solidfire_element_os_management_node

CWE

CWE-617

Reachable Assertion

{"id": "CVE-2018-5734", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "security-officer@isc.org", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2019-01-16T20:29:00.800", "references": [{"url": "http://www.securityfocus.com/bid/103189", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security-officer@isc.org"}, {"url": "http://www.securitytracker.com/id/1040438", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security-officer@isc.org"}, {"url": "https://kb.isc.org/docs/aa-01562", "tags": ["Vendor Advisory"], "source": "security-officer@isc.org"}, {"url": "https://security.netapp.com/advisory/ntap-20180926-0005/", "tags": ["Third Party Advisory"], "source": "security-officer@isc.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-617"}]}], "descriptions": [{"lang": "en", "value": "While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2."}, {"lang": "es", "value": "Al gestionar un tipo concreto de paquete mal formado, BIND selecciona err\u00f3neamente un rcode SERVFAIL en lugar de un rcode FORMERR. Si la vista que se est\u00e1 recibiendo tiene la caracter\u00edstica de cach\u00e9 SERVFAIL habilitada, esto puede desencadenar un fallo de aserci\u00f3n en badcache.c cuando la petici\u00f3n no contiene toda la informaci\u00f3n esperada. Afecta a BIND desde la versi\u00f3n 9.9.5-S1 hasta la 9.10.5-S4 y desde la versi\u00f3n 9.10.6-S1 hasta la 9.10.6-S2."}], "lastModified": "2019-10-09T23:41:32.987", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:isc:bind:9.10.5:s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82A6F259-EB06-4F31-9F68-A76F257756DC"}, {"criteria": "cpe:2.3:a:isc:bind:9.10.5:s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5AB5FCA2-A2DE-4D8D-A00C-680DE0DAF83F"}, {"criteria": "cpe:2.3:a:isc:bind:9.10.6:s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B6C3FDB-B57C-4DF5-AFDB-EEF17F5DAE08"}, {"criteria": "cpe:2.3:a:isc:bind:9.10.6:s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C057426-87E6-4B56-A9F2-07BEDBE4A241"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED"}, {"criteria": "cpe:2.3:a:netapp:solidfire_element_os_management_node:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AD8D649-8F3E-4B22-912C-FE94CDC88A67"}], "operator": "OR"}]}], "sourceIdentifier": "security-officer@isc.org"}