Published: 16/01/2019 Updated: 09/10/2019

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2.

Vulnerable Product	Search on Vulmon	Subscribe to Product
isc bind 9.10.6
isc bind 9.10.5
netapp solidfire element os management node -
netapp data ontap edge -

While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcachec when the request doesn't contain all of the expected information Affects BIND 9105-S1 to 9105-S4, 9106-S1, ...

CWE-617 https://kb.isc.org/docs/aa-01562 https://security.netapp.com/advisory/ntap-20180926-0005/http://www.securitytracker.com/id/1040438 http://www.securityfocus.com/bid/103189 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2018-5734

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-5734

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect