| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 6.9 | $0-$5k | 0.00 |
Summary
A vulnerability has been found in ISC BIND up to 9.13.2 and classified as critical. Affected by this issue is some unknown functionality of the file name.c of the component named. The manipulation leads to assertion. This vulnerability is listed as CVE-2018-5740. The attack may be initiated remotely. There is no available exploit. It is recommended to apply a patch to fix this issue.
Details
A vulnerability was found in ISC BIND up to 9.13.2 (Domain Name Software) and classified as critical. This issue affects an unknown part of the file name.c of the component named. The manipulation with an unknown input leads to a assertion vulnerability. Using CWE to declare the problem leads to CWE-617. The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary. Impacted is availability.
The bug was discovered 08/08/2018. The weakness was presented 08/08/2018 by Tony Finch as AA-01639 as confirmed security advisory (Website). It is possible to read the advisory at kb.isc.org. The identification of this vulnerability is CVE-2018-5740 since 01/17/2018. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. Technical details of the vulnerability are known, but there is no available exploit. The advisory points out:
"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c.
The vulnerability scanner Nessus provides a plugin with the ID 112136 (Scientific Linux Security Update : bind on SL7.x x86_64 (20180827)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Scientific Linux Local Security Checks and running in the context l. The commercial vulnerability scanner Qualys is able to test this issue with plugin 277413 (Fedora Security Update for bind.P1 (FEDORA-2018-5417ca3713)). The advisory illustrates:
Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named, causing the named process to stop execution and resulting in denial of service to clients. Only servers which have explicitly enabled the "deny-answer-aliases" feature are at risk and disabling the feature prevents exploitation.
Applying the patch 9.9.13-P1/9.10.8-P1/9.11.4-P1/9.12.2-P1 is able to eliminate this problem. A possible mitigation has been published immediately after the disclosure of the vulnerability. The security advisory contains the following remark:
This vulnerability can be avoided by disabling the "deny-answer-aliases" feature if it is in use.
The vulnerability is also documented in the databases at Tenable (112136), SecurityFocus (BID 105055†) and SecurityTracker (ID 1041436†). See VDB-119548 for similar entry. Be aware that VulDB is the high quality source for vulnerability data.
Product
Type
Vendor
Name
Version
- 9.8.0
- 9.8.1
- 9.8.2
- 9.8.3
- 9.8.4
- 9.8.5
- 9.8.6
- 9.8.7
- 9.8.8
- 9.9.0
- 9.9.1
- 9.9.2
- 9.9.3
- 9.9.4
- 9.9.5
- 9.9.6
- 9.9.7
- 9.9.8
- 9.9.9
- 9.9.10
- 9.9.11
- 9.9.12
- 9.9.13
- 9.10.0
- 9.10.1
- 9.10.2
- 9.10.3
- 9.10.4
- 9.10.5
- 9.10.6
- 9.10.7
- 9.10.8
- 9.11.0
- 9.11.1
- 9.11.2
- 9.11.3
- 9.11.4
- 9.12.0
- 9.12.1
- 9.12.2
- 9.13.0
- 9.13.1
- 9.13.2
License
Website
- Vendor: https://www.isc.org/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 6.9VulDB Meta Temp Score: 6.9
VulDB Base Score: 5.3
VulDB Temp Score: 5.1
VulDB Vector: 🔍
VulDB Reliability: 🔍
Vendor Base Score (ISC): 7.5
Vendor Vector (ISC): 🔍
NVD Base Score: 7.5
NVD Vector: 🔍
CNA Base Score: 7.5
CNA Vector (Internet Systems Consortium (ISC)): 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: AssertionCWE: CWE-617
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 112136
Nessus Name: Scientific Linux Security Update : bind on SL7.x x86_64 (20180827)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Patch: 9.9.13-P1/9.10.8-P1/9.11.4-P1/9.12.2-P1
Timeline
01/17/2018 🔍08/08/2018 🔍
08/08/2018 🔍
08/08/2018 🔍
08/08/2018 🔍
08/08/2018 🔍
08/12/2018 🔍
08/28/2018 🔍
01/16/2019 🔍
05/01/2023 🔍
Sources
Vendor: isc.orgAdvisory: AA-01639
Researcher: Tony Finch
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2018-5740 (🔍)
GCVE (CVE): GCVE-0-2018-5740
GCVE (VulDB): GCVE-100-122783
SecurityFocus: 105055 - ISC BIND CVE-2018-5740 Remote Denial of Service Vulnerability
SecurityTracker: 1041436
See also: 🔍
Entry
Created: 08/12/2018 13:38Updated: 05/01/2023 12:48
Changes: 08/12/2018 13:38 (94), 03/15/2020 08:17 (5), 05/01/2023 12:40 (4), 05/01/2023 12:48 (12)
Complete: 🔍
Cache ID: 216::103
Be aware that VulDB is the high quality source for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.