SB2020040195 - Red Hat Enterprise Linux 7 update for bind

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2020040195

SB2020040195 - Red Hat Enterprise Linux 7 update for bind

Published: April 1, 2020

Security Bulletin ID SB2020040195
Severity
Medium
Patch available
YES
Number of vulnerabilities 3
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 67% Low 33%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 3 secuirty vulnerabilities.


1) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2018-5745)

The vulnerability allows a remote privileged user to perform a denial of service (DoS) attack.

"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertion failure if, during key rollover, a trust anchor's keys are replaced with keys which use an unsupported algorithm. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5745.


2) Information disclosure (CVE-ID: CVE-2019-6465)

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The vulnerability exists due to controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable. A remote attacker can request and receive a zone transfer of a DLZ even when not permitted to do so by the allow-transfer ACL.

3) Resource management error (CVE-ID: CVE-2019-6477)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect implementation of TCP-pipelining feature in ISC BIND, aimed to limit the number of concurrent connections and protect the server from denial of service attacks. A remote attacker can initiate a TCP-pipelined connection with multiple queries that consume more resources than the server has been provisioned to handle and crash the server, when closing the connection.


Remediation

Install update from vendor's website.

References