CVE-2018-5740
Description
deny-answer-aliases is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
69.02
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerability CVE-2018-5740 are affected in BIND 9.13.1 | Windows |
| Internet Domain Name Server (USN-3769-1) bind9_9.11.3+dfsg-1ubuntu1.2_i386.deb | Linux |
| Internet Domain Name Server (USN-3769-1) bind9_9.11.3+dfsg-1ubuntu1.2_amd64.deb | Linux |
| Bind security update (CESA-2018:2570) bind-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| Bind security update (CESA-2018:2570) bind-sdb-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| Bind security update (CESA-2018:2570) bind-libs-9.9.4-61.el7_5.1.i686.rpm | Linux |
| Bind security update (CESA-2018:2570) bind-libs-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| Bind security update (CESA-2018:2570) bind-devel-9.9.4-61.el7_5.1.i686.rpm | Linux |
| Bind security update (CESA-2018:2570) bind-devel-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| Bind security update (CESA-2018:2570) bind-utils-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| Bind security update (CESA-2018:2570) bind-chroot-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| Bind security update (CESA-2018:2570) bind-pkcs11-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| Bind security update (CESA-2018:2570) bind-license-9.9.4-61.el7_5.1.noarch.rpm | Linux |
| Bind security update (CESA-2018:2570) bind-libs-lite-9.9.4-61.el7_5.1.i686.rpm | Linux |
| Bind security update (CESA-2018:2570) bind-libs-lite-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| Bind security update (CESA-2018:2570) bind-lite-devel-9.9.4-61.el7_5.1.i686.rpm | Linux |
| Bind security update (CESA-2018:2570) bind-lite-devel-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| Bind security update (CESA-2018:2570) bind-sdb-chroot-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| Bind security update (CESA-2018:2570) bind-pkcs11-libs-9.9.4-61.el7_5.1.i686.rpm | Linux |
| Bind security update (CESA-2018:2570) bind-pkcs11-libs-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| Bind security update (CESA-2018:2570) bind-pkcs11-devel-9.9.4-61.el7_5.1.i686.rpm | Linux |
| Bind security update (CESA-2018:2570) bind-pkcs11-devel-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| Bind security update (CESA-2018:2570) bind-pkcs11-utils-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| Bind security update (CESA-2018:2571) bind-9.8.2-0.68.rc1.el6_10.1.i686.rpm | Linux |
| Bind security update (CESA-2018:2571) bind-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm | Linux |
| Bind security update (CESA-2018:2571) bind-sdb-9.8.2-0.68.rc1.el6_10.1.i686.rpm | Linux |
| Bind security update (CESA-2018:2571) bind-sdb-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm | Linux |
| Bind security update (CESA-2018:2571) bind-libs-9.8.2-0.68.rc1.el6_10.1.i686.rpm | Linux |
| Bind security update (CESA-2018:2571) bind-libs-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm | Linux |
| Bind security update (CESA-2018:2571) bind-devel-9.8.2-0.68.rc1.el6_10.1.i686.rpm | Linux |
| Bind security update (CESA-2018:2571) bind-devel-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm | Linux |
| Bind security update (CESA-2018:2571) bind-utils-9.8.2-0.68.rc1.el6_10.1.i686.rpm | Linux |
| Bind security update (CESA-2018:2571) bind-utils-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm | Linux |
| Bind security update (CESA-2018:2571) bind-chroot-9.8.2-0.68.rc1.el6_10.1.i686.rpm | Linux |
| Bind security update (CESA-2018:2571) bind-chroot-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm | Linux |
| (RHSA-2018:2570) bind security update bind-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| (RHSA-2018:2570) bind security update bind-chroot-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| (RHSA-2018:2570) bind security update bind-devel-9.9.4-61.el7_5.1.i686.rpm | Linux |
| (RHSA-2018:2570) bind security update bind-devel-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| (RHSA-2018:2570) bind security update bind-libs-9.9.4-61.el7_5.1.i686.rpm | Linux |
| (RHSA-2018:2570) bind security update bind-libs-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| (RHSA-2018:2570) bind security update bind-libs-lite-9.9.4-61.el7_5.1.i686.rpm | Linux |
| (RHSA-2018:2570) bind security update bind-libs-lite-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| (RHSA-2018:2570) bind security update bind-license-9.9.4-61.el7_5.1.noarch.rpm | Linux |
| (RHSA-2018:2570) bind security update bind-lite-devel-9.9.4-61.el7_5.1.i686.rpm | Linux |
| (RHSA-2018:2570) bind security update bind-lite-devel-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| (RHSA-2018:2570) bind security update bind-pkcs11-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| (RHSA-2018:2570) bind security update bind-pkcs11-devel-9.9.4-61.el7_5.1.i686.rpm | Linux |
| (RHSA-2018:2570) bind security update bind-pkcs11-devel-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| (RHSA-2018:2570) bind security update bind-pkcs11-libs-9.9.4-61.el7_5.1.i686.rpm | Linux |
| (RHSA-2018:2570) bind security update bind-pkcs11-libs-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| (RHSA-2018:2570) bind security update bind-pkcs11-utils-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| (RHSA-2018:2570) bind security update bind-sdb-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| (RHSA-2018:2570) bind security update bind-sdb-chroot-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| (RHSA-2018:2570) bind security update bind-utils-9.9.4-61.el7_5.1.x86_64.rpm | Linux |
| (RHSA-2018:2571) bind security update bind-9.8.2-0.68.rc1.el6_10.1.i686.rpm | Linux |
| (RHSA-2018:2571) bind security update bind-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm | Linux |
| (RHSA-2018:2571) bind security update bind-chroot-9.8.2-0.68.rc1.el6_10.1.i686.rpm | Linux |
| (RHSA-2018:2571) bind security update bind-chroot-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm | Linux |
| (RHSA-2018:2571) bind security update bind-devel-9.8.2-0.68.rc1.el6_10.1.i686.rpm | Linux |
| (RHSA-2018:2571) bind security update bind-devel-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm | Linux |
| (RHSA-2018:2571) bind security update bind-libs-9.8.2-0.68.rc1.el6_10.1.i686.rpm | Linux |
| (RHSA-2018:2571) bind security update bind-libs-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm | Linux |
| (RHSA-2018:2571) bind security update bind-sdb-9.8.2-0.68.rc1.el6_10.1.i686.rpm | Linux |
| (RHSA-2018:2571) bind security update bind-sdb-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm | Linux |
| (RHSA-2018:2571) bind security update bind-utils-9.8.2-0.68.rc1.el6_10.1.i686.rpm | Linux |
| (RHSA-2018:2571) bind security update bind-utils-9.8.2-0.68.rc1.el6_10.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2502-1(SUSE Linux Enterprise Desktop 12-SP4 ) bind-debuginfo-9.11.2-3.10.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2502-1(SUSE Linux Enterprise Desktop 12-SP4 ) bind-debugsource-9.11.2-3.10.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2502-1(SUSE Linux Enterprise Desktop 12-SP4 ) bind-utils-9.11.2-3.10.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2502-1(SUSE Linux Enterprise Desktop 12-SP4 ) bind-utils-debuginfo-9.11.2-3.10.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2502-1(SUSE Linux Enterprise Desktop 12-SP4 ) libbind9-160-9.11.2-3.10.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2502-1(SUSE Linux Enterprise Desktop 12-SP4 ) libbind9-160-debuginfo-9.11.2-3.10.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2502-1(SUSE Linux Enterprise Desktop 12-SP4 ) libdns169-9.11.2-3.10.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2502-1(SUSE Linux Enterprise Desktop 12-SP4 ) libdns169-debuginfo-9.11.2-3.10.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2502-1(SUSE Linux Enterprise Desktop 12-SP4 ) libirs160-9.11.2-3.10.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2502-1(SUSE Linux Enterprise Desktop 12-SP4 ) libirs160-debuginfo-9.11.2-3.10.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2502-1(SUSE Linux Enterprise Desktop 12-SP4 ) libisc166-9.11.2-3.10.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2502-1(SUSE Linux Enterprise Desktop 12-SP4 ) libisc166-32bit-9.11.2-3.10.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2502-1(SUSE Linux Enterprise Desktop 12-SP4 ) libisc166-debuginfo-9.11.2-3.10.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2502-1(SUSE Linux Enterprise Desktop 12-SP4 ) libisc166-debuginfo-32bit-9.11.2-3.10.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2502-1(SUSE Linux Enterprise Desktop 12-SP4 ) libisccc160-9.11.2-3.10.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2502-1(SUSE Linux Enterprise Desktop 12-SP4 ) libisccc160-debuginfo-9.11.2-3.10.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2502-1(SUSE Linux Enterprise Desktop 12-SP4 ) libisccfg160-9.11.2-3.10.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2502-1(SUSE Linux Enterprise Desktop 12-SP4 ) libisccfg160-debuginfo-9.11.2-3.10.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2502-1(SUSE Linux Enterprise Desktop 12-SP4 ) liblwres160-9.11.2-3.10.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2502-1(SUSE Linux Enterprise Desktop 12-SP4 ) liblwres160-debuginfo-9.11.2-3.10.1.x86_64.rpm | Linux |
| SUSE-SU-2019:2502-1(SUSE Linux Enterprise Desktop 12-SP4 ) python-bind-9.11.2-3.10.1.noarch.rpm | Linux |
| Reachable Assertion Vulnerability (CVE-2018-5740) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234