CVE-2018-5734

While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2.

Published : 2019-01-16 20:29 Updated : 2019-10-09 23:41

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Isc Bind 9.10.5 cpe:/a:isc:bind:9.10.5:s1
Isc Bind 9.10.5 cpe:/a:isc:bind:9.10.5:s4
Isc Bind 9.10.6 cpe:/a:isc:bind:9.10.6:s1
Isc Bind 9.10.6 cpe:/a:isc:bind:9.10.6:s2
Netapp Data Ontap Edge - cpe:/a:netapp:data_ontap_edge:-
Netapp Solidfire Element Os Management Node - cpe:/a:netapp:solidfire_element_os_management_node:-
  1. Isc (1) Search CVE
    1. Bind (2) Search CVE
      1. 9.10.5
      2. 9.10.6
  2. Netapp (2) Search CVE
    1. Solidfire Element Os Management Node (1) Search CVE
      1. -
    2. Data Ontap Edge (1) Search CVE
      1. -

CWE

ID Name Description Links
CWE-617 Reachable Assertion The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary. CVE

History of changes

Date Event
2019-10-03 00:03
2019-02-11 19:24
2019-01-17 11:29
2019-01-16 20:29

New CVE