CVE-2017-3136

A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -> 9.8.8-P1, 9.9.0 -> 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.0 -> 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0 -> 9.11.0-P3, 9.11.1b1->9.11.1rc1, 9.9.3-S1 -> 9.9.9-S8.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:isc:bind:9.10.4:p2:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.4:p3:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.4:p4:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.4:p5:*:*:*:*:*:*
cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.11.1:rc1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.11.1:beta1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.11.0:p2:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.10:beta1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.0:p2:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.8.0:p1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.4:p1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.11.0:*:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.11.0:p3:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.5:rc1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.5:b1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.10.4:p6:*:*:*:*:*:*
cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.10:rc1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.0:p3:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.0:p4:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.0:p5:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.0:p6:*:*:*:*:*:*
cpe:2.3:a:isc:bind:9.9.0:p1:*:*:*:*:*:*
cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Information

Published : 2019-01-16 12:29

Updated : 2020-10-20 05:15


NVD link : CVE-2017-3136

Mitre link : CVE-2017-3136


JSON object : View

CWE
CWE-617

Reachable Assertion

Advertisement

dedicated server usa

Products Affected

redhat

  • enterprise_linux_desktop
  • enterprise_linux_server_aus
  • enterprise_linux_workstation
  • enterprise_linux_server_tus
  • enterprise_linux_server_eus
  • enterprise_linux_server

netapp

  • data_ontap_edge
  • element_software
  • oncommand_balance

debian

  • debian_linux

isc

  • bind