5
CVSSv2

CVE-2018-5735

Published: 30/10/2019 Updated: 06/11/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below. From USN-3574-1: It exists that Bind incorrectly handled DNSSEC validation. An attacker could possibly use this to cause a denial of service.

Vulnerability Trend

Affected Products

Vendor Product Versions
DebianDebian Linux8.0, 9.0, 10.0

Vendor Advisories

Bind could be made to crash if it received specially crafted network traffic ...
Debian Bug report logs - #889285 bind9: CVE-2018-5735: assertion failure in validatorc:1858 Package: bind9; Maintainer for bind9 is Debian DNS Team <team+dns@trackerdebianorg>; Source for bind9 is src:bind9 (PTS, buildd, popcon) Reported by: Vladislav Kurz <vladislavkurz@webstepnet> Date: Sat, 3 Feb 2018 10:15: ...