Published: 16/01/2019 Updated: 03/10/2019

CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8

CVSS v3 Base Score: 5.3 | Impact Score: 3.6 | Exploitability Score: 1.6

VMScore: 312

Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P

An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. This defect could be deliberately exercised by an attacker who is permitted to cause a vulnerable server to initiate zone transfers (for example: by sending valid NOTIFY messages), causing the named process to exit after failing the assertion test. Affects BIND 9.12.0 and 9.12.1.

Vulnerable Product	Search on Vulmon	Subscribe to Product
isc bind 9.12.0
isc bind 9.12.1
netapp data ontap edge -
netapp cloud backup -

A flaw was found in the way zone databases were handled by bind An attacker with permissions to initiate a zone transfer could cause bind to crash ...

An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession ...

This Metasploit module leverages a flaw in runc to escape a Docker container and get command execution on the host as root This vulnerability is identified as CVE-2019-5736 It overwrites the runc binary with the payload and waits for someone to use docker exec to get into the container This will trigger the payload execution Note that executing ...

NVD-CWE-noinfo CWE-617 https://kb.isc.org/docs/aa-01602 https://security.netapp.com/advisory/ntap-20180926-0004/http://www.securitytracker.com/id/1040941 http://www.securityfocus.com/bid/104386 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2018-5736

CVE-2018-5736

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect