CVE-2018-5734

Description

While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2.

CVSS breakdown

CVSS 3.0

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Affected products

ISC / BIND 99.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2 – 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2

References

MISChttps://kb.isc.org/docs/aa-01562
MISChttps://security.netapp.com/advisory/ntap-20180926-0005/
MISChttp://www.securityfocus.com/bid/103189
MISChttp://www.securitytracker.com/id/1040438