Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2017-3136

A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other preconditions were met. Affects BIND 9.8.0 -> 9.8.8-P1, 9.9.0 -> 9.9.9-P6, 9.9.10b1->9.9.10rc1, 9.10.0 -> 9.10.4-P6, 9.10.5b1->9.10.5rc1, 9.11.0 -> 9.11.0-P3, 9.11.1b1->9.11.1rc1, 9.9.3-S1 -> 9.9.9-S8.

  • Published: Jan 16, 2019
  • Updated: Apr 13, 2023
  • CVE: CVE-2017-3136
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.9
  • AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:N/A:P

CWEs:

Software From Fixed in
isc / bind 9.10.4-p4 9.10.4-p4.x
isc / bind 9.11.0-p1 9.11.0-p1.x
isc / bind 9.10.4-p3 9.10.4-p3.x
isc / bind 9.8.0-p1 9.8.0-p1.x
isc / bind 9.10.4-p2 9.10.4-p2.x
isc / bind 9.9.3 9.9.3.x
isc / bind 9.10.4-p1 9.10.4-p1.x
isc / bind 9.11.0 9.11.0.x
isc / bind 9.9.3-s1 9.9.3-s1.x
isc / bind 9.9.10-beta1 9.9.10-beta1.x
isc / bind 9.10.4-p5 9.10.4-p5.x
isc / bind 9.11.0-p2 9.11.0-p2.x
isc / bind 9.11.1-beta1 9.11.1-beta1.x
isc / bind 9.11.1-rc1 9.11.1-rc1.x
isc / bind 9.11.0-p3 9.11.0-p3.x
isc / bind 9.10.5-rc1 9.10.5-rc1.x
isc / bind 9.10.5-b1 9.10.5-b1.x
isc / bind 9.10.4-p6 9.10.4-p6.x
isc / bind 9.10.0 9.10.4.x
isc / bind 9.9.10-rc1 9.9.10-rc1.x
isc / bind 9.9.0-p2 9.9.0-p2.x
isc / bind 9.9.0-p3 9.9.0-p3.x
isc / bind 9.9.0-p4 9.9.0-p4.x
isc / bind 9.9.0-p5 9.9.0-p5.x
isc / bind 9.9.0-p6 9.9.0-p6.x
isc / bind 9.9.0-p1 9.9.0-p1.x
isc / bind 9.9.0 9.9.9.x
isc / bind 9.8.0 9.8.8.x
redhat / enterprise_linux_desktop 7.0 7.0.x
redhat / enterprise_linux_workstation 7.0 7.0.x
redhat / enterprise_linux_server 7.0 7.0.x
redhat / enterprise_linux_desktop 6.0 6.0.x
redhat / enterprise_linux_server 6.0 6.0.x
redhat / enterprise_linux_workstation 6.0 6.0.x
redhat / enterprise_linux_server_tus 7.3 7.3.x
redhat / enterprise_linux_server_aus 7.3 7.3.x
redhat / enterprise_linux_server_aus 7.4 7.4.x
redhat / enterprise_linux_server_eus 7.3 7.3.x
redhat / enterprise_linux_server_eus 7.4 7.4.x
redhat / enterprise_linux_server_eus 7.5 7.5.x
redhat / enterprise_linux_server_tus 7.6 7.6.x
redhat / enterprise_linux_server_eus 7.6 7.6.x
redhat / enterprise_linux_server_aus 7.6 7.6.x
debian / debian_linux 8.0 8.0.x