Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1. (CVE-2015-3135)

BIG-IP configurations using DNS64 (the DNS IPv6 to IPv4 option configured in the DNS profile) and Response Policy Zone (RPZ) rewriting (in the BIND configuration) together are affected by this CVE.

Note: The DNS IPv6 to IPv4 option is disabled, by default, in the DNS profile.

Note: RPZ Rewriting is an optional BIND 9.x configuration that allows administrators to create DNS deny lists.

Impact

Remote attackers may be able to cause a BIND denial-of-service (DoS) attack by making a query for an AAAA record.

nessus 39

openvas 27

fedora 4

alpinelinux 1

cvelist 4

centos 1

redhatcve 1

altlinux 4

nvd 4

ubuntu 1

archlinux 1

checkpoint_advisories 1

debiancve 1

ibm 4

osv 3

oraclelinux 1

threatpost 1

debian 3

cve 4

ubuntucve 4

redhat 2

slackware 1

prion 4

cloudfoundry 1

mageia 2

gentoo 2

suse 2

kaspersky 1

securityvulns 1

nessus

F5 Networks BIG-IP : BIND vulnerability (K80533167)

2017-02-23 00:00:00

Ubuntu 14.04 LTS / 16.04 LTS : Bind vulnerabilities (USN-3201-1)

2017-02-17 00:00:00

Oracle Linux 7 : bind (ELSA-2017-0276)

2017-02-16 00:00:00

openvas

ISC BIND DNS64 and RPZ Denial of Service Vulnerability

2017-02-27 00:00:00

Ubuntu: Security Advisory (USN-3201-1)

2017-02-17 00:00:00

SUSE: Security Advisory (SUSE-SU-2017:0594-1)

2021-04-19 00:00:00

fedora

[SECURITY] Fedora 25 Update: bind-9.10.4-4.P6.fc25

2017-02-14 15:52:13

[SECURITY] Fedora 24 Update: bind-9.10.4-3.P6.fc24

2017-02-19 22:48:18

[SECURITY] Fedora 25 Update: bind99-9.9.9-4.P6.fc25

2017-03-05 02:52:48

alpinelinux

CVE-2017-3135

2019-01-16 20:29:00

cvelist

CVE-2017-3135 Combination of DNS64 and RPZ Can Lead to Crash

2017-02-08 00:00:00

CVE-2015-3135

2015-07-09 16:00:00

CVE-2015-4432

2015-07-09 16:00:00

centos

bind security update

2017-02-15 14:49:31

redhatcve

CVE-2017-3135

2017-02-09 04:48:07

altlinux

Security fix for the ALT Linux 8 package bind version 9.10.4-alt2

2017-02-08 00:00:00

Security fix for the ALT Linux 9 package bind version 9.10.4-alt2

2017-02-08 00:00:00

Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt47

2015-07-08 00:00:00

nvd

CVE-2017-3135

2019-01-16 20:29:00

CVE-2015-5118

2015-07-09 16:59:30

CVE-2015-4432

2015-07-09 16:59:27

ubuntu

Bind vulnerabilities

2017-02-16 00:00:00

archlinux

[ASA-201702-8] bind: denial of service

2017-02-09 00:00:00

checkpoint_advisories

ISC BIND DNS64 and RPZ Query Processing Denial of Service (CVE-2017-3135)

2017-05-28 00:00:00

debiancve

CVE-2017-3135

2019-01-16 20:29:00

ibm

Security Bulletin: A vulnerability in BIND affects PowerKVM

2018-06-18 01:35:11

Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerability in bind (CVE-2017-3135)

2019-01-31 02:25:02

Security Bulletin: IBM i is affected by networking BIND vulnerabilities (CVE-2016-9131, CVE-2016-9444, CVE-2016-9147, CVE-2016-9778 and CVE-2017-3135)

2019-12-18 14:26:38

osv

bind9 - security update

2017-02-26 00:00:00

bind9 - security update

2017-02-28 00:00:00

CVE-2017-3135

2019-01-16 20:29:00

oraclelinux

bind security update

2017-02-15 00:00:00

threatpost

High Severity BIND Vulnerability Can Lead to A Crash

2017-02-09 13:13:41

debian

[SECURITY] [DLA 843-1] bind9 security update

2017-02-28 21:18:57

[SECURITY] [DSA 3795-1] bind9 security update

2017-02-26 02:45:32

[SECURITY] [DSA 3795-1] bind9 security update

2017-02-26 02:45:32

cve

CVE-2017-3135

2019-01-16 20:29:00

CVE-2015-5118

2015-07-09 16:59:30

CVE-2015-3135

2015-07-09 16:59:21

ubuntucve

CVE-2017-3135

2017-02-09 00:00:00

CVE-2015-3135

2015-07-09 00:00:00

CVE-2015-4432

2015-07-09 00:00:00

redhat

(RHSA-2017:0276) Moderate: bind security update

2017-02-15 12:15:37

(RHSA-2015:1214) Critical: flash-plugin security update

2015-07-08 00:00:00

slackware

[slackware-security] bind

2017-02-10 20:40:38

prion

Design/Logic Flaw

2019-01-16 20:29:00

Heap overflow

2015-07-09 16:59:00

Heap overflow

2015-07-09 16:59:00

cloudfoundry

USN-3201-1: Bind vulnerabilities | Cloud Foundry

2017-03-31 00:00:00

mageia

Updated bind packages fix security vulnerability

2017-12-31 15:00:06

Updated flash-player-plugin package fixes critical security vulnerabilities

2015-07-09 11:09:20

gentoo

BIND: Multiple vulnerabilities

2017-08-17 00:00:00

Adobe Flash Player: Multiple vulnerabilities

2015-07-10 00:00:00

suse

Security update for flash-player (critical)

2015-07-09 11:08:12

Security update for flash-player (critical)

2015-07-09 14:08:22

kaspersky

KLA10623 Multiple vulnerabilities in Adobe products

2015-07-08 00:00:00

securityvulns

Adobe Flash Player multiple security vulnerabilities

2015-07-19 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

AI Score

5.7

Confidence

High

EPSS

0.07

Percentile

94.0%

JSON

Related for F5:K80533167