Details of VAR-201910-1646

ID

VAR-201910-1646

CVE

CVE-2018-5743

TITLE

ISC BIND 9 Multiple vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2019-002957

DESCRIPTION

By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -> 9.11.5-S3, and 9.11.5-S5. Versions 9.13.0 -> 9.13.7 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5743. ISC BIND 9 Contains the following multiple vulnerabilities: *TCP The number of client connections is not limited as configured - CVE-2018-5743 *nxdomain-redirect Due to lack of functions query.c In Assertion Failure Occurs - CVE-2019-6467 *nxdomain-redirect Due to lack of functions Assertion Failure Occurs - CVE-2019-6468The expected impact depends on each vulnerability, but can be affected as follows: * By attacker named File descriptors will be depleted, adversely affecting network connectivity and log and zone journal file management - CVE-2018-5743 *nxdomain-redirect If the function is enabled, an attacker may interfere with service operation (DoS) Attacked - CVE-2019-6467, CVE-2019-6468. ISC BIND is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. ISC BIND is a set of open source software developed by ISC Corporation in the United States that implements the DNS protocol. An attacker could exploit this vulnerability to run out of file descriptors, affecting network connections and file management. ========================================================================== Ubuntu Security Notice USN-3956-2 May 09, 2019 bind9 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 ESM - Ubuntu 12.04 ESM Summary: Bind could be made to consume resources if it received specially crafted network traffic. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: bind9 1:9.9.5.dfsg-3ubuntu0.19+esm1 Ubuntu 12.04 ESM: bind9 1:9.8.1.dfsg.P1-4ubuntu0.28 In general, a standard system update will make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: bind security update Advisory ID: RHSA-2019:1294-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:1294 Issue date: 2019-05-29 CVE Names: CVE-2018-5743 ==================================================================== 1. Summary: An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, noarch, ppc64le, s390x Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le, s390x 3. Description: The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * bind: Limiting simultaneous TCP clients is ineffective (CVE-2018-5743) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the update, the BIND daemon (named) will be restarted automatically. 5. Package List: Red Hat Enterprise Linux Client (v. 7): Source: bind-9.9.4-74.el7_6.1.src.rpm noarch: bind-license-9.9.4-74.el7_6.1.noarch.rpm x86_64: bind-debuginfo-9.9.4-74.el7_6.1.i686.rpm bind-debuginfo-9.9.4-74.el7_6.1.x86_64.rpm bind-libs-9.9.4-74.el7_6.1.i686.rpm bind-libs-9.9.4-74.el7_6.1.x86_64.rpm bind-libs-lite-9.9.4-74.el7_6.1.i686.rpm bind-libs-lite-9.9.4-74.el7_6.1.x86_64.rpm bind-utils-9.9.4-74.el7_6.1.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: bind-9.9.4-74.el7_6.1.x86_64.rpm bind-chroot-9.9.4-74.el7_6.1.x86_64.rpm bind-debuginfo-9.9.4-74.el7_6.1.i686.rpm bind-debuginfo-9.9.4-74.el7_6.1.x86_64.rpm bind-devel-9.9.4-74.el7_6.1.i686.rpm bind-devel-9.9.4-74.el7_6.1.x86_64.rpm bind-lite-devel-9.9.4-74.el7_6.1.i686.rpm bind-lite-devel-9.9.4-74.el7_6.1.x86_64.rpm bind-pkcs11-9.9.4-74.el7_6.1.x86_64.rpm bind-pkcs11-devel-9.9.4-74.el7_6.1.i686.rpm bind-pkcs11-devel-9.9.4-74.el7_6.1.x86_64.rpm bind-pkcs11-libs-9.9.4-74.el7_6.1.i686.rpm bind-pkcs11-libs-9.9.4-74.el7_6.1.x86_64.rpm bind-pkcs11-utils-9.9.4-74.el7_6.1.x86_64.rpm bind-sdb-9.9.4-74.el7_6.1.x86_64.rpm bind-sdb-chroot-9.9.4-74.el7_6.1.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: bind-9.9.4-74.el7_6.1.src.rpm noarch: bind-license-9.9.4-74.el7_6.1.noarch.rpm x86_64: bind-debuginfo-9.9.4-74.el7_6.1.i686.rpm bind-debuginfo-9.9.4-74.el7_6.1.x86_64.rpm bind-libs-9.9.4-74.el7_6.1.i686.rpm bind-libs-9.9.4-74.el7_6.1.x86_64.rpm bind-libs-lite-9.9.4-74.el7_6.1.i686.rpm bind-libs-lite-9.9.4-74.el7_6.1.x86_64.rpm bind-utils-9.9.4-74.el7_6.1.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: bind-9.9.4-74.el7_6.1.x86_64.rpm bind-chroot-9.9.4-74.el7_6.1.x86_64.rpm bind-debuginfo-9.9.4-74.el7_6.1.i686.rpm bind-debuginfo-9.9.4-74.el7_6.1.x86_64.rpm bind-devel-9.9.4-74.el7_6.1.i686.rpm bind-devel-9.9.4-74.el7_6.1.x86_64.rpm bind-lite-devel-9.9.4-74.el7_6.1.i686.rpm bind-lite-devel-9.9.4-74.el7_6.1.x86_64.rpm bind-pkcs11-9.9.4-74.el7_6.1.x86_64.rpm bind-pkcs11-devel-9.9.4-74.el7_6.1.i686.rpm bind-pkcs11-devel-9.9.4-74.el7_6.1.x86_64.rpm bind-pkcs11-libs-9.9.4-74.el7_6.1.i686.rpm bind-pkcs11-libs-9.9.4-74.el7_6.1.x86_64.rpm bind-pkcs11-utils-9.9.4-74.el7_6.1.x86_64.rpm bind-sdb-9.9.4-74.el7_6.1.x86_64.rpm bind-sdb-chroot-9.9.4-74.el7_6.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: bind-9.9.4-74.el7_6.1.src.rpm noarch: bind-license-9.9.4-74.el7_6.1.noarch.rpm ppc64: bind-9.9.4-74.el7_6.1.ppc64.rpm bind-chroot-9.9.4-74.el7_6.1.ppc64.rpm bind-debuginfo-9.9.4-74.el7_6.1.ppc.rpm bind-debuginfo-9.9.4-74.el7_6.1.ppc64.rpm bind-libs-9.9.4-74.el7_6.1.ppc.rpm bind-libs-9.9.4-74.el7_6.1.ppc64.rpm bind-libs-lite-9.9.4-74.el7_6.1.ppc.rpm bind-libs-lite-9.9.4-74.el7_6.1.ppc64.rpm bind-utils-9.9.4-74.el7_6.1.ppc64.rpm ppc64le: bind-9.9.4-74.el7_6.1.ppc64le.rpm bind-chroot-9.9.4-74.el7_6.1.ppc64le.rpm bind-debuginfo-9.9.4-74.el7_6.1.ppc64le.rpm bind-libs-9.9.4-74.el7_6.1.ppc64le.rpm bind-libs-lite-9.9.4-74.el7_6.1.ppc64le.rpm bind-pkcs11-9.9.4-74.el7_6.1.ppc64le.rpm bind-pkcs11-libs-9.9.4-74.el7_6.1.ppc64le.rpm bind-pkcs11-utils-9.9.4-74.el7_6.1.ppc64le.rpm bind-utils-9.9.4-74.el7_6.1.ppc64le.rpm s390x: bind-9.9.4-74.el7_6.1.s390x.rpm bind-chroot-9.9.4-74.el7_6.1.s390x.rpm bind-debuginfo-9.9.4-74.el7_6.1.s390.rpm bind-debuginfo-9.9.4-74.el7_6.1.s390x.rpm bind-libs-9.9.4-74.el7_6.1.s390.rpm bind-libs-9.9.4-74.el7_6.1.s390x.rpm bind-libs-lite-9.9.4-74.el7_6.1.s390.rpm bind-libs-lite-9.9.4-74.el7_6.1.s390x.rpm bind-utils-9.9.4-74.el7_6.1.s390x.rpm x86_64: bind-9.9.4-74.el7_6.1.x86_64.rpm bind-chroot-9.9.4-74.el7_6.1.x86_64.rpm bind-debuginfo-9.9.4-74.el7_6.1.i686.rpm bind-debuginfo-9.9.4-74.el7_6.1.x86_64.rpm bind-libs-9.9.4-74.el7_6.1.i686.rpm bind-libs-9.9.4-74.el7_6.1.x86_64.rpm bind-libs-lite-9.9.4-74.el7_6.1.i686.rpm bind-libs-lite-9.9.4-74.el7_6.1.x86_64.rpm bind-pkcs11-9.9.4-74.el7_6.1.x86_64.rpm bind-pkcs11-libs-9.9.4-74.el7_6.1.i686.rpm bind-pkcs11-libs-9.9.4-74.el7_6.1.x86_64.rpm bind-pkcs11-utils-9.9.4-74.el7_6.1.x86_64.rpm bind-utils-9.9.4-74.el7_6.1.x86_64.rpm Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7): Source: bind-9.9.4-74.el7_6.1.src.rpm aarch64: bind-9.9.4-74.el7_6.1.aarch64.rpm bind-chroot-9.9.4-74.el7_6.1.aarch64.rpm bind-debuginfo-9.9.4-74.el7_6.1.aarch64.rpm bind-libs-9.9.4-74.el7_6.1.aarch64.rpm bind-libs-lite-9.9.4-74.el7_6.1.aarch64.rpm bind-pkcs11-9.9.4-74.el7_6.1.aarch64.rpm bind-pkcs11-libs-9.9.4-74.el7_6.1.aarch64.rpm bind-pkcs11-utils-9.9.4-74.el7_6.1.aarch64.rpm bind-utils-9.9.4-74.el7_6.1.aarch64.rpm noarch: bind-license-9.9.4-74.el7_6.1.noarch.rpm ppc64le: bind-9.9.4-74.el7_6.1.ppc64le.rpm bind-chroot-9.9.4-74.el7_6.1.ppc64le.rpm bind-debuginfo-9.9.4-74.el7_6.1.ppc64le.rpm bind-libs-9.9.4-74.el7_6.1.ppc64le.rpm bind-libs-lite-9.9.4-74.el7_6.1.ppc64le.rpm bind-pkcs11-9.9.4-74.el7_6.1.ppc64le.rpm bind-pkcs11-libs-9.9.4-74.el7_6.1.ppc64le.rpm bind-pkcs11-utils-9.9.4-74.el7_6.1.ppc64le.rpm bind-utils-9.9.4-74.el7_6.1.ppc64le.rpm s390x: bind-9.9.4-74.el7_6.1.s390x.rpm bind-chroot-9.9.4-74.el7_6.1.s390x.rpm bind-debuginfo-9.9.4-74.el7_6.1.s390.rpm bind-debuginfo-9.9.4-74.el7_6.1.s390x.rpm bind-libs-9.9.4-74.el7_6.1.s390.rpm bind-libs-9.9.4-74.el7_6.1.s390x.rpm bind-libs-lite-9.9.4-74.el7_6.1.s390.rpm bind-libs-lite-9.9.4-74.el7_6.1.s390x.rpm bind-utils-9.9.4-74.el7_6.1.s390x.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: bind-debuginfo-9.9.4-74.el7_6.1.ppc.rpm bind-debuginfo-9.9.4-74.el7_6.1.ppc64.rpm bind-devel-9.9.4-74.el7_6.1.ppc.rpm bind-devel-9.9.4-74.el7_6.1.ppc64.rpm bind-lite-devel-9.9.4-74.el7_6.1.ppc.rpm bind-lite-devel-9.9.4-74.el7_6.1.ppc64.rpm bind-pkcs11-9.9.4-74.el7_6.1.ppc64.rpm bind-pkcs11-devel-9.9.4-74.el7_6.1.ppc.rpm bind-pkcs11-devel-9.9.4-74.el7_6.1.ppc64.rpm bind-pkcs11-libs-9.9.4-74.el7_6.1.ppc.rpm bind-pkcs11-libs-9.9.4-74.el7_6.1.ppc64.rpm bind-pkcs11-utils-9.9.4-74.el7_6.1.ppc64.rpm bind-sdb-9.9.4-74.el7_6.1.ppc64.rpm bind-sdb-chroot-9.9.4-74.el7_6.1.ppc64.rpm ppc64le: bind-debuginfo-9.9.4-74.el7_6.1.ppc64le.rpm bind-devel-9.9.4-74.el7_6.1.ppc64le.rpm bind-lite-devel-9.9.4-74.el7_6.1.ppc64le.rpm bind-pkcs11-devel-9.9.4-74.el7_6.1.ppc64le.rpm bind-sdb-9.9.4-74.el7_6.1.ppc64le.rpm bind-sdb-chroot-9.9.4-74.el7_6.1.ppc64le.rpm s390x: bind-debuginfo-9.9.4-74.el7_6.1.s390.rpm bind-debuginfo-9.9.4-74.el7_6.1.s390x.rpm bind-devel-9.9.4-74.el7_6.1.s390.rpm bind-devel-9.9.4-74.el7_6.1.s390x.rpm bind-lite-devel-9.9.4-74.el7_6.1.s390.rpm bind-lite-devel-9.9.4-74.el7_6.1.s390x.rpm bind-pkcs11-9.9.4-74.el7_6.1.s390x.rpm bind-pkcs11-devel-9.9.4-74.el7_6.1.s390.rpm bind-pkcs11-devel-9.9.4-74.el7_6.1.s390x.rpm bind-pkcs11-libs-9.9.4-74.el7_6.1.s390.rpm bind-pkcs11-libs-9.9.4-74.el7_6.1.s390x.rpm bind-pkcs11-utils-9.9.4-74.el7_6.1.s390x.rpm bind-sdb-9.9.4-74.el7_6.1.s390x.rpm bind-sdb-chroot-9.9.4-74.el7_6.1.s390x.rpm x86_64: bind-debuginfo-9.9.4-74.el7_6.1.i686.rpm bind-debuginfo-9.9.4-74.el7_6.1.x86_64.rpm bind-devel-9.9.4-74.el7_6.1.i686.rpm bind-devel-9.9.4-74.el7_6.1.x86_64.rpm bind-lite-devel-9.9.4-74.el7_6.1.i686.rpm bind-lite-devel-9.9.4-74.el7_6.1.x86_64.rpm bind-pkcs11-devel-9.9.4-74.el7_6.1.i686.rpm bind-pkcs11-devel-9.9.4-74.el7_6.1.x86_64.rpm bind-sdb-9.9.4-74.el7_6.1.x86_64.rpm bind-sdb-chroot-9.9.4-74.el7_6.1.x86_64.rpm Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7): aarch64: bind-debuginfo-9.9.4-74.el7_6.1.aarch64.rpm bind-devel-9.9.4-74.el7_6.1.aarch64.rpm bind-lite-devel-9.9.4-74.el7_6.1.aarch64.rpm bind-pkcs11-devel-9.9.4-74.el7_6.1.aarch64.rpm bind-sdb-9.9.4-74.el7_6.1.aarch64.rpm bind-sdb-chroot-9.9.4-74.el7_6.1.aarch64.rpm ppc64le: bind-debuginfo-9.9.4-74.el7_6.1.ppc64le.rpm bind-devel-9.9.4-74.el7_6.1.ppc64le.rpm bind-lite-devel-9.9.4-74.el7_6.1.ppc64le.rpm bind-pkcs11-devel-9.9.4-74.el7_6.1.ppc64le.rpm bind-sdb-9.9.4-74.el7_6.1.ppc64le.rpm bind-sdb-chroot-9.9.4-74.el7_6.1.ppc64le.rpm s390x: bind-debuginfo-9.9.4-74.el7_6.1.s390.rpm bind-debuginfo-9.9.4-74.el7_6.1.s390x.rpm bind-devel-9.9.4-74.el7_6.1.s390.rpm bind-devel-9.9.4-74.el7_6.1.s390x.rpm bind-lite-devel-9.9.4-74.el7_6.1.s390.rpm bind-lite-devel-9.9.4-74.el7_6.1.s390x.rpm bind-pkcs11-9.9.4-74.el7_6.1.s390x.rpm bind-pkcs11-devel-9.9.4-74.el7_6.1.s390.rpm bind-pkcs11-devel-9.9.4-74.el7_6.1.s390x.rpm bind-pkcs11-libs-9.9.4-74.el7_6.1.s390.rpm bind-pkcs11-libs-9.9.4-74.el7_6.1.s390x.rpm bind-pkcs11-utils-9.9.4-74.el7_6.1.s390x.rpm bind-sdb-9.9.4-74.el7_6.1.s390x.rpm bind-sdb-chroot-9.9.4-74.el7_6.1.s390x.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: bind-9.9.4-74.el7_6.1.src.rpm noarch: bind-license-9.9.4-74.el7_6.1.noarch.rpm x86_64: bind-9.9.4-74.el7_6.1.x86_64.rpm bind-chroot-9.9.4-74.el7_6.1.x86_64.rpm bind-debuginfo-9.9.4-74.el7_6.1.i686.rpm bind-debuginfo-9.9.4-74.el7_6.1.x86_64.rpm bind-libs-9.9.4-74.el7_6.1.i686.rpm bind-libs-9.9.4-74.el7_6.1.x86_64.rpm bind-libs-lite-9.9.4-74.el7_6.1.i686.rpm bind-libs-lite-9.9.4-74.el7_6.1.x86_64.rpm bind-pkcs11-9.9.4-74.el7_6.1.x86_64.rpm bind-pkcs11-libs-9.9.4-74.el7_6.1.i686.rpm bind-pkcs11-libs-9.9.4-74.el7_6.1.x86_64.rpm bind-pkcs11-utils-9.9.4-74.el7_6.1.x86_64.rpm bind-utils-9.9.4-74.el7_6.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: bind-debuginfo-9.9.4-74.el7_6.1.i686.rpm bind-debuginfo-9.9.4-74.el7_6.1.x86_64.rpm bind-devel-9.9.4-74.el7_6.1.i686.rpm bind-devel-9.9.4-74.el7_6.1.x86_64.rpm bind-lite-devel-9.9.4-74.el7_6.1.i686.rpm bind-lite-devel-9.9.4-74.el7_6.1.x86_64.rpm bind-pkcs11-devel-9.9.4-74.el7_6.1.i686.rpm bind-pkcs11-devel-9.9.4-74.el7_6.1.x86_64.rpm bind-sdb-9.9.4-74.el7_6.1.x86_64.rpm bind-sdb-chroot-9.9.4-74.el7_6.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2018-5743 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXO7KxtzjgjWX9erEAQgq8A//Q5Ol4phAsO5vl4AXPrY/Aa2cPFQAsYsd twNvcla3/RGtC9lwna+3dJ3WTDfC1Vwtt8Nb8YC0NhiwutxvH4aO3oxB0gcRSymr xG0tWnNAONa6zFnz4r40UvbV8k62gq2dMpG6KcXpivSXZ5/3RirOZ5tLkaLM7eys IDkFbdI0B4bkmG6YKj/lgHRlZ0DZ2f0dtIa2UpY5vmE33S3IyZFlWzuqxTp4ITQQ EdQclzLSAqY3GYiAqHy5nZCM7x9MkUFToqz8jT1gdvalgpit8Ra286o6uXuqgL7J ho2+FakajgbLhYIUIzF+lxOvM/HjkrStcEVwE7OiCNBcpvi7Rg4L5hultu9QK10v R46N9fnzwLlKy0qicVIAuSjr/3Vj/e+2B23dSzTuaelkdhMcFd9VRuecOd+TPqlR hfYSuqQbwVTN6cL3SZDpXttjO3B+ipucYmVVbuoffXCDT9shweTQFGcJFbucCIcS PXHwIj23QakKWq2bA1OZIEO8tDQyuOgou5X4uAK0iS4p4KOIpv2Yh+LonxyyoTiU GLQzSr8XJMMhxNMdGmvTyIHcCRd7rlk9vj8EMYuVdhFIgd1MVhXp3XF4L7oM9WLC M3thS9i9YYSKtvAtVYEdc7JW5zUxmQz7tG41lDOP5/5nMo9klYcXiEOGw+1Rjq/B dwb7LNgk/TU=2g+S -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 7.4) - ppc64, ppc64le, s390x, x86_64 3

Trust: 2.43

sources: NVD: CVE-2018-5743 // JVNDB: JVNDB-2019-002957 // BID: 108077 // VULHUB: VHN-135775 // PACKETSTORM: 152776 // PACKETSTORM: 152632 // PACKETSTORM: 154767 // PACKETSTORM: 153130 // PACKETSTORM: 154423

AFFECTED PRODUCTS

vendor:	isc	model:	bind	scope:	eq	version:	9.11.5	Trust: 1.3
vendor:	isc	model:	bind	scope:	eq	version:	9.10.8	Trust: 1.3
vendor:	isc	model:	bind	scope:	eq	version:	9.9.3	Trust: 1.3
vendor:	isc	model:	bind	scope:	gte	version:	9.11.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	lte	version:	12.1.4	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	lte	version:	13.1.1	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	eq	version:	15.0.0	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	eq	version:	15.0.0	Trust: 1.0
vendor:	f5	model:	iworkflow	scope:	eq	version:	2.3.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	lte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	lte	version:	11.6.5	Trust: 1.0
vendor:	f5	model:	big-iq centralized management	scope:	gte	version:	5.0.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	lte	version:	13.1.1	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	gte	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	lte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	lte	version:	12.1.4	Trust: 1.0
vendor:	isc	model:	bind	scope:	gte	version:	9.9.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	lte	version:	13.1.1	Trust: 1.0
vendor:	isc	model:	bind	scope:	lte	version:	9.12.4	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	eq	version:	15.0.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	gte	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	gte	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-iq centralized management	scope:	gte	version:	6.0.0	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	lte	version:	11.6.5	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	lte	version:	13.1.1	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	lte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	isc	model:	bind	scope:	gte	version:	9.12.0	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	gte	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	isc	model:	bind	scope:	gte	version:	9.13.0	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	lte	version:	11.6.5	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	eq	version:	15.0.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	eq	version:	15.0.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	gte	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	gte	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	lte	version:	12.1.4	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	isc	model:	bind	scope:	lte	version:	9.11.6	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	gte	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	gte	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	lte	version:	11.6.5	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	lte	version:	12.1.4	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	lte	version:	11.6.5	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	eq	version:	15.0.0	Trust: 1.0
vendor:	isc	model:	bind	scope:	lte	version:	9.10.8	Trust: 1.0
vendor:	f5	model:	enterprise manager	scope:	eq	version:	3.1.1	Trust: 1.0
vendor:	f5	model:	big-iq centralized management	scope:	lte	version:	6.1.0	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	lte	version:	12.1.4	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	lte	version:	11.6.5	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	gte	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	lte	version:	14.1.0	Trust: 1.0
vendor:	isc	model:	bind	scope:	lte	version:	9.13.7	Trust: 1.0
vendor:	isc	model:	bind	scope:	eq	version:	9.14.0	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	gte	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	lte	version:	13.1.1	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	lte	version:	12.1.4	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	lte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	gte	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	lte	version:	11.6.5	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	eq	version:	15.0.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	lte	version:	13.1.1	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	lte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	lte	version:	12.1.4	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	gte	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	eq	version:	15.0.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	lte	version:	11.6.5	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	lte	version:	12.1.4	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	lte	version:	13.1.1	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	lte	version:	11.6.5	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	gte	version:	13.1.0	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	eq	version:	15.0.0	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	gte	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	lte	version:	12.1.4	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	lte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	eq	version:	15.0.0	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	lte	version:	12.1.4	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	gte	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	lte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip analytics	scope:	lte	version:	13.1.1	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	gte	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	lte	version:	11.6.5	Trust: 1.0
vendor:	f5	model:	big-iq centralized management	scope:	lte	version:	5.4.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	lte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip local traffic manager	scope:	lte	version:	13.1.1	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip advanced firewall manager	scope:	lte	version:	13.1.1	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	lte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	lte	version:	12.1.4	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	gte	version:	14.0.0	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	lte	version:	12.1.4	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	lte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip domain name system	scope:	lte	version:	13.1.1	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	lte	version:	11.6.5	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	gte	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip fraud protection service	scope:	lte	version:	13.1.1	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	lte	version:	14.1.1	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	eq	version:	15.0.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	eq	version:	15.0.0	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip link controller	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	f5	model:	big-ip webaccelerator	scope:	gte	version:	11.5.2	Trust: 1.0
vendor:	f5	model:	big-ip application acceleration manager	scope:	lte	version:	14.1.0	Trust: 1.0
vendor:	f5	model:	big-ip access policy manager	scope:	gte	version:	12.1.0	Trust: 1.0
vendor:	f5	model:	big-ip edge gateway	scope:	eq	version:	15.0.0	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	lte	version:	12.1.4	Trust: 1.0
vendor:	f5	model:	big-ip application security manager	scope:	lte	version:	13.1.1	Trust: 1.0
vendor:	f5	model:	big-ip policy enforcement manager	scope:	lte	version:	11.6.5	Trust: 1.0
vendor:	f5	model:	big-ip global traffic manager	scope:	lte	version:	11.6.5	Trust: 1.0
vendor:	isc	model:	bind	scope:	-	version:	-	Trust: 0.8
vendor:	isc	model:	bind	scope:	eq	version:	9.14	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.12.4	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.12.3	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.12.2	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.12.1	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.12	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.11.6	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.11.4	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.11.3	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.11.2	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.11.1	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.10.7	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.10.6	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.10.5	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.10.3	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.10.2	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.10	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.9.13	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.9.11	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.9.10	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.9.8	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.9.7	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.9.5	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.9.4	Trust: 0.3
vendor:	isc	model:	bind 9.9.9-s9	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.9-s8	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.9-s7	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.9-s6	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.9-s5	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.9-s4	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.9-s3	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.9-s2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.9-s10	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.9-s1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.9-p8	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.9-p7	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.9-p6	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.9-p5	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.9-p4	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.9-p3	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.9-p2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.9-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.8rc1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.8-s6	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.8-s5	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.8-s4	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.8-s3	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.8-s2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.8-s1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.8-p4	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.8-p3	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.8-p2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.8-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.7-p3	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.7-p2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.7-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind b1	scope:	eq	version:	9.9.7	Trust: 0.3
vendor:	isc	model:	bind 9.9.6-p2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.6-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind p1	scope:	eq	version:	9.9.6	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.9.6	Trust: 0.3
vendor:	isc	model:	bind 9.9.4-p65	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.4-p2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.4-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind b1	scope:	eq	version:	9.9.4	Trust: 0.3
vendor:	isc	model:	bind 9.9.3-s1-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.3-s1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.3-p2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.3-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.3-b1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind rc2	scope:	eq	version:	9.9.3	Trust: 0.3
vendor:	isc	model:	bind rc1	scope:	eq	version:	9.9.3	Trust: 0.3
vendor:	isc	model:	bind p2	scope:	eq	version:	9.9.3	Trust: 0.3
vendor:	isc	model:	bind p1	scope:	eq	version:	9.9.3	Trust: 0.3
vendor:	isc	model:	bind b2	scope:	eq	version:	9.9.3	Trust: 0.3
vendor:	isc	model:	bind b1	scope:	eq	version:	9.9.3	Trust: 0.3
vendor:	isc	model:	bind 9.9.2-p2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.2-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.9.2	Trust: 0.3
vendor:	isc	model:	bind 9.9.13-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.11-s2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.11-s1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.11-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.10rc3	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.10rc2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.10rc1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.10b1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.10-s3	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.10-s2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.10-s1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.10-p2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.10-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.1-p4	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.1-p3	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.1-p2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.9.1-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind p2	scope:	eq	version:	9.9.1	Trust: 0.3
vendor:	isc	model:	bind p1	scope:	eq	version:	9.9.1	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.9.1	Trust: 0.3
vendor:	isc	model:	bind rc4	scope:	eq	version:	9.9.0	Trust: 0.3
vendor:	isc	model:	bind rc3	scope:	eq	version:	9.9.0	Trust: 0.3
vendor:	isc	model:	bind rc2	scope:	eq	version:	9.9.0	Trust: 0.3
vendor:	isc	model:	bind rc1	scope:	eq	version:	9.9.0	Trust: 0.3
vendor:	isc	model:	bind b2	scope:	eq	version:	9.9.0	Trust: 0.3
vendor:	isc	model:	bind b1	scope:	eq	version:	9.9.0	Trust: 0.3
vendor:	isc	model:	bind a3	scope:	eq	version:	9.9.0	Trust: 0.3
vendor:	isc	model:	bind a2	scope:	eq	version:	9.9.0	Trust: 0.3
vendor:	isc	model:	bind a1	scope:	eq	version:	9.9.0	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.9.0	Trust: 0.3
vendor:	isc	model:	bind 9.12.3-p4	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.12.3-p2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.12.3-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.12.2-p2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.12.2-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.12.1-p2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.12.1-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.12.0rc2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.12.0rc1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.12.0a1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.6-s1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.5-s6	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.5-s5	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.5-s3	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.5-p4	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.5-p2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.5-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.4-p2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.4-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.2-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.1rc3	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.1rc2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.1rc1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.1b1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.1-p2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.1-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.0rc3	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.0rc1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.0b2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.0b1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.0a3	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.0-p5	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.0-p4	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.0-p3	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.0-p2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.0-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.11.0	Trust: 0.3
vendor:	isc	model:	bind 9.10.7-s1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.6-s3	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.6-s2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.6-s1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.6-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.5rc3	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.5rc2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.5rc1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.5b1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.5-s4	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.5-s3	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.5-s2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.5-s1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.5-p2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.5-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.4-p8	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.4-p7	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.4-p6	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.4-p5	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.4-p4	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.4-p3	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.4-p2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.4-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.3rc1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.3-p4	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.3-p3	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.3-p2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.3-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.2-p4	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.2-p3	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.2-p2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind rc1	scope:	eq	version:	9.10.2	Trust: 0.3
vendor:	isc	model:	bind b1	scope:	eq	version:	9.10.2	Trust: 0.3
vendor:	isc	model:	bind 9.10.1-p2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.1-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind p1	scope:	eq	version:	9.10.1	Trust: 0.3
vendor:	isc	model:	bind	scope:	eq	version:	9.10.1	Trust: 0.3
vendor:	isc	model:	bind 9.10.0-p2	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.10.0-p1	scope:	-	version:	-	Trust: 0.3
vendor:	isc	model:	bind	scope:	ne	version:	9.14.1	Trust: 0.3
vendor:	isc	model:	bind 9.12.4-p1	scope:	ne	version:	-	Trust: 0.3
vendor:	isc	model:	bind 9.11.6-p1	scope:	ne	version:	-	Trust: 0.3

sources: BID: 108077 // JVNDB: JVNDB-2019-002957 // NVD: CVE-2018-5743

CVSS

SEVERITY

CVSSV2

CVSSV3

JPCERT/CC:	JVNDB-2019-002957
value:	MEDIUM
Trust: 1.6
nvd@nist.gov:	CVE-2018-5743
value:	HIGH
Trust: 1.0
security-officer@isc.org:	CVE-2018-5743
value:	HIGH
Trust: 1.0
IPA:	JVNDB-2019-002957
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201904-1155
value:	HIGH
Trust: 0.6
VULHUB:	VHN-135775
value:	MEDIUM
Trust: 0.1

IPA:	JVNDB-2019-002957
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.6
nvd@nist.gov:	CVE-2018-5743
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
JPCERT/CC:	JVNDB-2019-002957
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-135775
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

JPCERT/CC:	JVNDB-2019-002957
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 1.6
nvd@nist.gov:	CVE-2018-5743
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
security-officer@isc.org:	CVE-2018-5743
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.0
IPA:	JVNDB-2019-002957
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-135775 // JVNDB: JVNDB-2019-002957 // JVNDB: JVNDB-2019-002957 // JVNDB: JVNDB-2019-002957 // CNNVD: CNNVD-201904-1155 // NVD: CVE-2018-5743 // NVD: CVE-2018-5743

PROBLEMTYPE DATA

problemtype:

CWE-770

Trust: 1.1

sources: VULHUB: VHN-135775 // NVD: CVE-2018-5743

THREAT TYPE

remote

Trust: 0.8

sources: PACKETSTORM: 152776 // PACKETSTORM: 152632 // CNNVD: CNNVD-201904-1155

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201904-1155

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-002957

PATCH

title:	CVE-2018-5743: Limiting simultaneous TCP clients is ineffective	url:	https://kb.isc.org/docs/cve-2018-5743	Trust: 0.8
title:	CVE-2019-6467: An error in the nxdomain redirect feature can cause BIND to exit with an INSIST assertion failure in query.c	url:	https://kb.isc.org/docs/cve-2019-6467	Trust: 0.8
title:	CVE-2019-6468: BIND Supported Preview Edition can exit with an assertion failure if nxdomain-redirect is used	url:	https://kb.isc.org/docs/cve-2019-6468	Trust: 0.8
title:	ISC BIND Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91993	Trust: 0.6

sources: JVNDB: JVNDB-2019-002957 // CNNVD: CNNVD-201904-1155

EXTERNAL IDS

db:	NVD	id:	CVE-2018-5743	Trust: 3.4
db:	BID	id:	108077	Trust: 1.0
db:	PACKETSTORM	id:	152632	Trust: 0.8
db:	JVN	id:	JVNVU99876126	Trust: 0.8
db:	JVNDB	id:	JVNDB-2019-002957	Trust: 0.8
db:	PACKETSTORM	id:	152658	Trust: 0.7
db:	CNNVD	id:	CNNVD-201904-1155	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.1676	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.1408	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.1405.2	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.2134	Trust: 0.6
db:	PACKETSTORM	id:	154423	Trust: 0.2
db:	PACKETSTORM	id:	152820	Trust: 0.2
db:	PACKETSTORM	id:	153130	Trust: 0.2
db:	PACKETSTORM	id:	152776	Trust: 0.2
db:	PACKETSTORM	id:	154767	Trust: 0.2
db:	PACKETSTORM	id:	153311	Trust: 0.1
db:	PACKETSTORM	id:	152781	Trust: 0.1
db:	VULHUB	id:	VHN-135775	Trust: 0.1

sources: VULHUB: VHN-135775 // BID: 108077 // JVNDB: JVNDB-2019-002957 // PACKETSTORM: 152776 // PACKETSTORM: 152632 // PACKETSTORM: 152820 // PACKETSTORM: 154767 // PACKETSTORM: 153130 // PACKETSTORM: 154423 // CNNVD: CNNVD-201904-1155 // NVD: CVE-2018-5743

REFERENCES

url:	https://kb.isc.org/docs/cve-2018-5743	Trust: 2.7
url:	https://nvd.nist.gov/vuln/detail/cve-2018-5743	Trust: 2.0
url:	https://www.synology.com/security/advisory/synology_sa_19_20	Trust: 1.7
url:	https://access.redhat.com/security/cve/cve-2018-5743	Trust: 1.3
url:	https://support.f5.com/csp/article/k74009656?utm_source=f5support&amp%3butm_medium=rss	Trust: 1.0
url:	https://bugzilla.redhat.com/show_bug.cgi?id=1702541	Trust: 0.9
url:	http://www.isc.org/products/bind/	Trust: 0.9
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-5743	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6467	Trust: 0.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6468	Trust: 0.8
url:	https://www.jpcert.or.jp/at/2019/at190019.html	Trust: 0.8
url:	https://jprs.jp/tech/security/2019-04-25-bind9-vuln-tcp-clients.html	Trust: 0.8
url:	https://jprs.jp/tech/security/2019-04-25-bind9-vuln-nxdomain-redirect.html	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu99876126/index.html	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-6467	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-6468	Trust: 0.8
url:	https://access.redhat.com/errata/rhsa-2019:1145	Trust: 0.7
url:	https://support.f5.com/csp/article/k74009656?utm_source=f5support&utm_medium=rss	Trust: 0.6
url:	https://support.f5.com/csp/article/k74009656	Trust: 0.6
url:	https://usn.ubuntu.com/3956-1/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/79630	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/80750	Trust: 0.6
url:	https://packetstormsecurity.com/files/152632/ubuntu-security-notice-usn-3956-1.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/79654	Trust: 0.6
url:	https://vigilance.fr/vulnerability/isc-bind-measure-against-denial-of-service-ineffective-29129	Trust: 0.6
url:	https://packetstormsecurity.com/files/152658/slackware-security-advisory-bind-updates.html	Trust: 0.6
url:	https://www.securityfocus.com/bid/108077	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.2134/	Trust: 0.6
url:	https://www.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.4
url:	https://bugzilla.redhat.com/):	Trust: 0.4
url:	https://access.redhat.com/security/team/key/	Trust: 0.4
url:	https://access.redhat.com/articles/11258	Trust: 0.4
url:	https://access.redhat.com/security/team/contact/	Trust: 0.4
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.4
url:	https://usn.ubuntu.com/usn/usn-3956-1	Trust: 0.2
url:	https://support.f5.com/csp/article/k74009656?utm_source=f5support&amp;utm_medium=rss	Trust: 0.1
url:	https://usn.ubuntu.com/usn/usn-3956-2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/bind9/1:9.10.3.dfsg.p4-8ubuntu1.14	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/bind9/1:9.11.4+dfsg-3ubuntu5.3	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/bind9/1:9.11.5.p1+dfsg-1ubuntu2.3	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/bind9/1:9.11.3+dfsg-1ubuntu1.7	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2019:2977	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2019:1294	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2019:2698	Trust: 0.1

CREDITS

Ubuntu,Slackware Security Team

Trust: 0.6

sources: CNNVD: CNNVD-201904-1155

SOURCES

db:	VULHUB	id:	VHN-135775
db:	BID	id:	108077
db:	JVNDB	id:	JVNDB-2019-002957
db:	PACKETSTORM	id:	152776
db:	PACKETSTORM	id:	152632
db:	PACKETSTORM	id:	152820
db:	PACKETSTORM	id:	154767
db:	PACKETSTORM	id:	153130
db:	PACKETSTORM	id:	154423
db:	CNNVD	id:	CNNVD-201904-1155
db:	NVD	id:	CVE-2018-5743

LAST UPDATE DATE

2024-09-19T00:42:01.612000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-135775	date:	2019-12-18T00:00:00
db:	BID	id:	108077	date:	2019-04-24T00:00:00
db:	JVNDB	id:	JVNDB-2019-002957	date:	2019-12-02T00:00:00
db:	CNNVD	id:	CNNVD-201904-1155	date:	2020-06-19T00:00:00
db:	NVD	id:	CVE-2018-5743	date:	2023-11-07T02:58:49.943

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-135775	date:	2019-10-09T00:00:00
db:	BID	id:	108077	date:	2019-04-24T00:00:00
db:	JVNDB	id:	JVNDB-2019-002957	date:	2019-04-26T00:00:00
db:	PACKETSTORM	id:	152776	date:	2019-05-09T03:33:33
db:	PACKETSTORM	id:	152632	date:	2019-04-25T16:00:50
db:	PACKETSTORM	id:	152820	date:	2019-05-13T15:13:10
db:	PACKETSTORM	id:	154767	date:	2019-10-08T19:58:17
db:	PACKETSTORM	id:	153130	date:	2019-05-30T14:50:14
db:	PACKETSTORM	id:	154423	date:	2019-09-10T23:08:50
db:	CNNVD	id:	CNNVD-201904-1155	date:	2019-04-25T00:00:00
db:	NVD	id:	CVE-2018-5743	date:	2019-10-09T16:15:13.763