CVE-2017-3140

If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0->9.11.1, 9.9.10-S1, 9.10.5-S1.

Published : 2019-01-16 20:29 Updated : 2019-10-09 23:27

4.3
CVSS Score More info
Score 4.3 / 10
4.3
Vendor Product Version URI
Isc Bind 9.9.10 cpe:/a:isc:bind:9.9.10
Isc Bind 9.9.10 cpe:/a:isc:bind:9.9.10:s1
Isc Bind 9.10.5 cpe:/a:isc:bind:9.10.5
Isc Bind 9.10.5 cpe:/a:isc:bind:9.10.5:s1
Isc Bind 9.11.0 cpe:/a:isc:bind:9.11.0
Isc Bind 9.11.0 cpe:/a:isc:bind:9.11.0:a1
Isc Bind 9.11.0 cpe:/a:isc:bind:9.11.0:a2
Isc Bind 9.11.0 cpe:/a:isc:bind:9.11.0:a3
Isc Bind 9.11.0 cpe:/a:isc:bind:9.11.0:b1
Isc Bind 9.11.0 cpe:/a:isc:bind:9.11.0:b2
Isc Bind 9.11.0 cpe:/a:isc:bind:9.11.0:b3
Isc Bind 9.11.0 cpe:/a:isc:bind:9.11.0:p1
Isc Bind 9.11.0 cpe:/a:isc:bind:9.11.0:p2
Isc Bind 9.11.0 cpe:/a:isc:bind:9.11.0:p3
Isc Bind 9.11.0 cpe:/a:isc:bind:9.11.0:p5
Isc Bind 9.11.0 cpe:/a:isc:bind:9.11.0:rc1
Isc Bind 9.11.0 cpe:/a:isc:bind:9.11.0:rc3
Isc Bind 9.11.1 cpe:/a:isc:bind:9.11.1
Isc Bind 9.11.1 cpe:/a:isc:bind:9.11.1:b1
Isc Bind 9.11.1 cpe:/a:isc:bind:9.11.1:p3
Isc Bind 9.11.1 cpe:/a:isc:bind:9.11.1:rc1
Isc Bind 9.11.1 cpe:/a:isc:bind:9.11.1:rc3
Netapp Data Ontap Edge - cpe:/a:netapp:data_ontap_edge:-
Netapp Element Software - cpe:/a:netapp:element_software:-
Netapp Oncommand Balance - cpe:/a:netapp:oncommand_balance:-
  1. Isc (1) Search CVE
    1. Bind (4) Search CVE
      1. 9.9.10
      2. 9.10.5
      3. 9.11.0
      4. 9.11.1
  2. Netapp (3) Search CVE
    1. Oncommand Balance (1) Search CVE
      1. -
    2. Element Software (1) Search CVE
      1. -
    3. Data Ontap Edge (1) Search CVE
      1. -

CWE

ID Name Description Links
CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion') The software does not properly restrict the size or amount of resources that are requested or influenced by an actor, which can be used to consume more resources than intended. CVE

History of changes

Date Event
2019-02-11 19:37
2019-01-17 11:29
2019-01-16 20:29

New CVE