By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -> 9.11.5-S3, and 9.11.5-S5. Versions 9.13.0 -> 9.13.7 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5743.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
Configuration 7 (hide)
|
Configuration 8 (hide)
|
Configuration 9 (hide)
|
Configuration 10 (hide)
|
Configuration 11 (hide)
|
Configuration 12 (hide)
|
Configuration 13 (hide)
|
Configuration 14 (hide)
|
Configuration 15 (hide)
|
Configuration 16 (hide)
|
Configuration 17 (hide)
|
History
No history.
Information
Published : 2019-10-09 16:15
Updated : 2024-02-04 20:39
NVD link : CVE-2018-5743
Mitre link : CVE-2018-5743
CVE.ORG link : CVE-2018-5743
JSON object : View
Products Affected
f5
- big-ip_fraud_protection_service
- iworkflow
- big-ip_webaccelerator
- big-ip_domain_name_system
- big-ip_application_acceleration_manager
- big-ip_analytics
- big-ip_advanced_firewall_manager
- big-ip_access_policy_manager
- big-ip_application_security_manager
- big-ip_link_controller
- big-ip_edge_gateway
- enterprise_manager
- big-ip_policy_enforcement_manager
- big-iq_centralized_management
- big-ip_global_traffic_manager
- big-ip_local_traffic_manager
isc
- bind
CWE
CWE-770
Allocation of Resources Without Limits or Throttling