| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 6.5 | $0-$5k | 0.00 |
Summary
A vulnerability was found in ISC BIND 9.10.0. It has been declared as problematic. This affects an unknown part of the component Prefetch Handler. Executing a manipulation can lead to input validation. This vulnerability is registered as CVE-2014-3214. Furthermore, an exploit is available. Configuration settings should be changed.
Details
A vulnerability has been found in ISC BIND 9.10.0 (Domain Name Software) and classified as critical. This vulnerability affects some unknown processing of the component Prefetch Handler. The manipulation with an unknown input leads to a input validation vulnerability. The CWE definition for the vulnerability is CWE-20. The product receives input or data, but it does
not validate or incorrectly validates that the input has the
properties that are required to process the data safely and
correctly. As an impact it is known to affect availability. CVE summarizes:
The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a DNS query that triggers a response with unspecified attributes.
The weakness was published 05/08/2014 as AA-01161 as confirmed security advisory (Website). The advisory is shared for download at kb.isc.org. This vulnerability was named CVE-2014-3214 since 05/03/2014. The exploitation appears to be easy. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. Technical details are unknown but a private exploit is available. The advisory points out:
A defect in the pre-fetch feature (which is enabled by default) can cause BIND 9.10.0 to terminate with a "REQUIRE" assertion failure if it processes queries whose answers have particular attributes. This can be triggered as the result of normal query processing.
It is declared as proof-of-concept. The vulnerability scanner Nessus provides a plugin with the ID 73945 (ISC BIND 9 Recursive Server prefetch DoS), which helps to determine the existence of the flaw in a target environment. It is assigned to the family DNS and relying on port 53. The commercial vulnerability scanner Qualys is able to test this issue with plugin 15092 (ISC BIND Recursive Nameservers Remote Denial of Service Vulnerability). The advisory illustrates:
There are no known active exploits but the crash has been independently reported by multiple organizations.
It is possible to mitigate the problem by applying the configuration setting prefetch 0;. A possible mitigation has been published before and not just after the disclosure of the vulnerability. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 16463.
The vulnerability is also documented in the databases at X-Force (93055), Tenable (73945), SecurityFocus (BID 67311†), SecurityTracker (ID 1030214†) and Vulnerability Center (SBV-44417†). Additional details are provided at cxsecurity.com. Similar entry is available at VDB-13581. Once again VulDB remains the best source for vulnerability data.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.isc.org/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 7.5VulDB Meta Temp Score: 6.5
VulDB Base Score: 7.5
VulDB Temp Score: 6.5
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Input validationCWE: CWE-20
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Access: Private
Status: Proof-of-Concept
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 73945
Nessus Name: ISC BIND 9 Recursive Server prefetch DoS
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Port: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: ConfigStatus: 🔍
0-Day Time: 🔍
Config: prefetch 0;
TippingPoint: 🔍
McAfee IPS: 🔍
McAfee IPS Version: 🔍
Fortigate IPS: 🔍
Timeline
05/03/2014 🔍05/07/2014 🔍
05/07/2014 🔍
05/07/2014 🔍
05/08/2014 🔍
05/08/2014 🔍
05/09/2014 🔍
05/09/2014 🔍
05/09/2014 🔍
05/09/2014 🔍
05/11/2014 🔍
12/17/2024 🔍
Sources
Vendor: isc.orgAdvisory: AA-01161
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2014-3214 (🔍)
GCVE (CVE): GCVE-0-2014-3214
GCVE (VulDB): GCVE-100-13180
IAVM: 🔍
X-Force: 93055 - ISC BIND prefetch denial of service, High Risk
SecurityFocus: 67311 - ISC BIND Recursive Nameservers Remote Denial of Service Vulnerability
SecurityTracker: 1030214 - ISC BIND Prefetch Bug Lets Remote Users Deny Service Against Recursive Nameservers
Vulnerability Center: 44417 - ISC BIND 9.10.0 Remote DoS Vulnerability via a DNS Query, Medium
scip Labs: https://www.scip.ch/en/?labs.20161013
Misc.: 🔍
See also: 🔍
Entry
Created: 05/09/2014 10:55Updated: 12/17/2024 09:35
Changes: 05/09/2014 10:55 (84), 05/27/2017 10:48 (10), 06/19/2021 12:35 (3), 12/17/2024 09:35 (16)
Complete: 🔍
Cache ID: 216:9DB:103
No comments yet. Languages: en.
Please log in to comment.