CVE-2018-5738

EPSS 2.18%
Published 16.01.2019 20:29:00
Last modified 21.11.2024 04:09:17
Source security-officer@isc.org
Teams watchlist Login
Open Login

Change #4777 (introduced in October 2017) introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver. The intended (and documented) behavior is that if an operator has not specified a value for the "allow-recursion" setting, it SHOULD default to one of the following: none, if "recursion no;" is set in named.conf; a value inherited from the "allow-query-cache" or "allow-query" settings IF "recursion yes;" (the default for that setting) AND match lists are explicitly set for "allow-query-cache" or "allow-query" (see the BIND9 Administrative Reference Manual section 6.2 for more details); or the intended default of "allow-recursion {localhost; localnets;};" if "recursion yes;" is in effect and no values are explicitly set for "allow-query-cache" or "allow-query". However, because of the regression introduced by change #4777, it is possible when "recursion yes;" is in effect and no match list values are provided for "allow-query-cache" or "allow-query" for the setting of "allow-recursion" to inherit a setting of all hosts from the "allow-query" setting default, improperly permitting recursion to all clients. Affects BIND 9.9.12, 9.10.7, 9.11.3, 9.12.0->9.12.1-P2, the development release 9.13.0, and also releases 9.9.12-S1, 9.10.7-S1, 9.11.3-S1, and 9.11.3-S2 from BIND 9 Supported Preview Edition.

Affected products Warnungen 0 Metrics 4 CWE 1 References 8

Data is provided by the National Vulnerability Database (NVD)

Isc ≫ Bind Version9.9.12

Isc ≫ Bind Version9.9.12 Updates1

Isc ≫ Bind Version9.10.7

Isc ≫ Bind Version9.10.7 Updates1

Isc ≫ Bind Version9.11.3

Isc ≫ Bind Version9.11.3 Updates1

Isc ≫ Bind Version9.11.3 Updates2

Isc ≫ Bind Version9.12.0

Isc ≫ Bind Version9.12.0 Updatea1

Isc ≫ Bind Version9.12.0 Updateb1

Isc ≫ Bind Version9.12.0 Updateb2

Isc ≫ Bind Version9.12.0 Updaterc1

Isc ≫ Bind Version9.12.0 Updaterc3

Isc ≫ Bind Version9.12.1

Isc ≫ Bind Version9.12.1 Updatep1

Isc ≫ Bind Version9.12.1 Updatep2

Isc ≫ Bind Version9.13.0

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	2.18%	0.838

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
security-officer@isc.org	5.3	3.9	1.4	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://www.securitytracker.com/id/1041115

Third Party Advisory

VDB Entry

https://kb.isc.org/docs/aa-01616

Vendor Advisory

Mitigation

https://security.gentoo.org/glsa/201903-13

Third Party Advisory

https://security.netapp.com/advisory/ntap-20190830-0002/

https://usn.ubuntu.com/3683-1/

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-5738

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-5738

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-5738

EUVD