CVE-2017-3139

A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response.

Published : 2019-04-09 18:29 Updated : 2019-10-03 00:03

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Isc Bind - cpe:/a:isc:bind:-
Redhat Enterprise Linux Server Aus 6.2 cpe:/o:redhat:enterprise_linux_server_aus:6.2
Redhat Enterprise Linux Server Aus 6.4 cpe:/o:redhat:enterprise_linux_server_aus:6.4
Redhat Enterprise Linux Server Aus 6.5 cpe:/o:redhat:enterprise_linux_server_aus:6.5
Redhat Enterprise Linux Server Aus 6.6 cpe:/o:redhat:enterprise_linux_server_aus:6.6
Redhat Enterprise Linux Server Eus 6.7 cpe:/o:redhat:enterprise_linux_server_eus:6.7
Redhat Enterprise Linux Server Tus 6.5 cpe:/o:redhat:enterprise_linux_server_tus:6.5
Redhat Enterprise Linux Server Tus 6.6 cpe:/o:redhat:enterprise_linux_server_tus:6.6
  1. Isc (1) Search CVE
    1. Bind (1) Search CVE
      1. -
  2. Redhat (3) Search CVE
    1. Enterprise Linux Server Aus (4) Search CVE
      1. 6.2
      2. 6.4
      3. 6.5
      4. 6.6
    2. Enterprise Linux Server Tus (2) Search CVE
      1. 6.5
      2. 6.6
    3. Enterprise Linux Server Eus (1) Search CVE
      1. 6.7

CWE

ID Name Description Links
CWE-617 Reachable Assertion The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary. CVE

History of changes

Date Event
2019-10-03 00:03
2019-04-11 12:56

New CVE