Lucene search
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2019-2502-1.NASLHistoryOct 02, 2019 - 12:00 a.m.
SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2019:2502-1)
2019-10-0200:00:00
This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
31
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.944 High
EPSS
Percentile
99.2%
This update for bind fixes the following issues :
Security issues fixed :
CVE-2019-6465: Fixed an issue where controls for zone transfers may not be properly applied to Dynamically Loadable Zones (bsc#1126069).
CVE-2019-6471: Fixed a reachable assert in dispatch.c. (bsc#1138687)
CVE-2018-5745: Fixed a denial of service vulnerability if a trust anchor rolls over to an unsupported key algorithm when using managed-keys (bsc#1126068).
CVE-2018-5743: Fixed a denial of service vulnerability which could be caused by to many simultaneous TCP connections (bsc#1133185).
CVE-2018-5740: Fixed a denial of service vulnerability in the ‘deny-answer-aliases’ feature (bsc#1104129).
Non-security issues fixed: Don’t rely on /etc/insserv.conf anymore for proper dependencies against nss-lookup.target in named.service and lwresd.service (bsc#1118367, bsc#1118368).
Fix FIPS related regression (bsc#1128220).
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2019:2502-1.
# The text itself is copyright (C) SUSE.
#
include("compat.inc");
if (description)
{
script_id(129526);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/13");
script_cve_id("CVE-2018-5740", "CVE-2018-5743", "CVE-2018-5745", "CVE-2019-6465", "CVE-2019-6471");
script_name(english:"SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2019:2502-1)");
script_summary(english:"Checks rpm output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote SUSE host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"This update for bind fixes the following issues :
Security issues fixed :
CVE-2019-6465: Fixed an issue where controls for zone transfers may
not be properly applied to Dynamically Loadable Zones (bsc#1126069).
CVE-2019-6471: Fixed a reachable assert in dispatch.c. (bsc#1138687)
CVE-2018-5745: Fixed a denial of service vulnerability if a trust
anchor rolls over to an unsupported key algorithm when using
managed-keys (bsc#1126068).
CVE-2018-5743: Fixed a denial of service vulnerability which could be
caused by to many simultaneous TCP connections (bsc#1133185).
CVE-2018-5740: Fixed a denial of service vulnerability in the
'deny-answer-aliases' feature (bsc#1104129).
Non-security issues fixed: Don't rely on /etc/insserv.conf anymore for
proper dependencies against nss-lookup.target in named.service and
lwresd.service (bsc#1118367, bsc#1118368).
Fix FIPS related regression (bsc#1128220).
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1104129"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1118367"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1118368"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1126068"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1126069"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1128220"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1133185"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=1138687"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-5740/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-5743/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2018-5745/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2019-6465/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2019-6471/"
);
# https://www.suse.com/support/update/announcement/2019/suse-su-20192502-1/
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?5b6341fa"
);
script_set_attribute(
attribute:"solution",
value:
"To install this SUSE Security Update use the SUSE recommended
installation methods like YaST online_update or 'zypper patch'.
Alternatively you can run the command listed for your product :
SUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t
patch SUSE-SLE-SDK-12-SP4-2019-2502=1
SUSE Linux Enterprise Server 12-SP4:zypper in -t patch
SUSE-SLE-SERVER-12-SP4-2019-2502=1
SUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch
SUSE-SLE-DESKTOP-12-SP4-2019-2502=1"
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-6465");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:bind");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:bind-chrootenv");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:bind-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:bind-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:bind-utils");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:bind-utils-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libbind9");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libbind9-160-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libdns169");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libdns169-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libirs160");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libirs160-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libisc166");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libisc166-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libisccc160");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libisccc160-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libisccfg160");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libisccfg160-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:liblwres160");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:liblwres160-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/16");
script_set_attribute(attribute:"patch_publication_date", value:"2019/10/01");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/10/02");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED12|SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED12 / SLES12", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES12" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP4", os_ver + " SP" + sp);
if (os_ver == "SLED12" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLED12 SP4", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES12", sp:"4", reference:"bind-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"bind-chrootenv-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"bind-debuginfo-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"bind-debugsource-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"bind-utils-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"bind-utils-debuginfo-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"libbind9-160-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"libbind9-160-debuginfo-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"libdns169-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"libdns169-debuginfo-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"libirs160-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"libirs160-debuginfo-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"libisc166-32bit-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"libisc166-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"libisc166-debuginfo-32bit-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"libisc166-debuginfo-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"libisccc160-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"libisccc160-debuginfo-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"libisccfg160-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"libisccfg160-debuginfo-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"liblwres160-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLES12", sp:"4", reference:"liblwres160-debuginfo-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"bind-debuginfo-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"bind-debugsource-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"bind-utils-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"bind-utils-debuginfo-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libbind9-160-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libbind9-160-debuginfo-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libdns169-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libdns169-debuginfo-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libirs160-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libirs160-debuginfo-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libisc166-32bit-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libisc166-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libisc166-debuginfo-32bit-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libisc166-debuginfo-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libisccc160-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libisccc160-debuginfo-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libisccfg160-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"libisccfg160-debuginfo-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"liblwres160-9.11.2-3.10.1")) flag++;
if (rpm_check(release:"SLED12", sp:"4", cpu:"x86_64", reference:"liblwres160-debuginfo-9.11.2-3.10.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bind");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| novell | suse_linux | bind | p-cpe:/a:novell:suse_linux:bind |
| novell | suse_linux | bind-chrootenv | p-cpe:/a:novell:suse_linux:bind-chrootenv |
| novell | suse_linux | bind-debuginfo | p-cpe:/a:novell:suse_linux:bind-debuginfo |
| novell | suse_linux | bind-debugsource | p-cpe:/a:novell:suse_linux:bind-debugsource |
| novell | suse_linux | bind-utils | p-cpe:/a:novell:suse_linux:bind-utils |
| novell | suse_linux | bind-utils-debuginfo | p-cpe:/a:novell:suse_linux:bind-utils-debuginfo |
| novell | suse_linux | libbind9 | p-cpe:/a:novell:suse_linux:libbind9 |
| novell | suse_linux | libbind9-160-debuginfo | p-cpe:/a:novell:suse_linux:libbind9-160-debuginfo |
| novell | suse_linux | libdns169 | p-cpe:/a:novell:suse_linux:libdns169 |
| novell | suse_linux | libdns169-debuginfo | p-cpe:/a:novell:suse_linux:libdns169-debuginfo |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5740
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5743
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5745
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6465
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6471
www.nessus.org/u?5b6341fa
bugzilla.suse.com/show_bug.cgi?id=1104129
bugzilla.suse.com/show_bug.cgi?id=1118367
bugzilla.suse.com/show_bug.cgi?id=1118368
bugzilla.suse.com/show_bug.cgi?id=1126068
bugzilla.suse.com/show_bug.cgi?id=1126069
bugzilla.suse.com/show_bug.cgi?id=1128220
bugzilla.suse.com/show_bug.cgi?id=1133185
bugzilla.suse.com/show_bug.cgi?id=1138687
www.suse.com/security/cve/CVE-2018-5740/
www.suse.com/security/cve/CVE-2018-5743/
www.suse.com/security/cve/CVE-2018-5745/
www.suse.com/security/cve/CVE-2019-6465/
www.suse.com/security/cve/CVE-2019-6471/
Related
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2019:2502-1)
2021-04-19 00:00:00
openSUSE: Security Advisory for bind (openSUSE-SU-2019:1533-1)
2019-06-11 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:14074-1)
2021-06-09 00:00:00
nessus
nessus
SUSE SLES12 Security Update : bind (SUSE-SU-2019:1449-1)
2019-06-10 00:00:00
openSUSE Security Update : bind (openSUSE-2019-1533)
2019-06-11 00:00:00
SUSE SLED15 / SLES15 Security Update : bind (SUSE-SU-2019:1407-1)
2019-06-04 00:00:00
suse
suse
Security update for bind (important)
2019-06-10 00:00:00
Security update for bind (important)
2019-06-10 00:00:00
Security update for bind (important)
2019-10-06 00:00:00
debian
debian
[SECURITY] [DSA 4440-1] bind9 security update
2019-05-09 20:23:59
[SECURITY] [DLA 1697-1] bind9 security updat
2019-02-28 21:11:35
[SECURITY] [DLA 1859-1] bind9 security update
2019-07-21 21:06:53
oraclelinux
oraclelinux
bind security and bug fix update
2019-11-14 00:00:00
bind security, bug fix, and enhancement update
2019-08-13 00:00:00
bind security and bug fix update
2020-04-06 00:00:00
osv
osv
bind9 - security update
2019-05-09 00:00:00
bind9 - security update
2019-02-28 00:00:00
CVE-2019-6465
2019-10-09 16:15:16
altlinux
altlinux
Security fix for the ALT Linux 8 package bind version 9.10.8.P1-alt1
2019-08-26 00:00:00
Security fix for the ALT Linux 9 package bind version 9.11.5.P4-alt1
2019-02-22 00:00:00
Security fix for the ALT Linux 10 package bind version 9.11.5.P4-alt1
2019-02-22 00:00:00
mageia
mageia
Updated bind packages fix security vulnerabilities
2019-10-24 00:06:40
Updated bind packages fix security vulnerability
2018-08-24 02:35:07
fedora
fedora
[SECURITY] Fedora 30 Update: bind-9.11.8-1.fc30
2019-07-22 01:04:30
[SECURITY] Fedora 29 Update: bind-9.11.5-4.P4.fc29
2019-02-26 03:08:57
[SECURITY] Fedora 30 Update: dhcp-4.3.6-34.fc30
2019-05-06 00:46:52
ubuntu
ubuntu
Bind vulnerabilities
2019-02-25 00:00:00
Bind vulnerabilities
2019-02-22 00:00:00
Bind vulnerability
2018-09-20 00:00:00
redhat
redhat
ibm
ibm
archlinux
archlinux
[ASA-201902-25] bind: multiple issues
2019-02-25 00:00:00
cisa
cisa
ISC Releases Security Updates for BIND
2019-02-22 00:00:00
centos
centos
bind security update
2020-04-08 17:45:58
bind security update
2018-08-28 15:48:00
bind security update
2018-08-28 15:39:55
amazon
amazon
photon
photon
Important Photon OS Security Update - PHSA-2019-0199
2019-12-30 00:00:00
Critical Photon OS Security Update - PHSA-2020-0049
2020-01-18 00:00:00
f5
f5
K74009656 : BIND vulnerability CVE-2018-5743
2019-04-25 00:00:00
K01713115 : BIND vulnerability CVE-2019-6465
2019-02-22 00:00:00
debiancve
debiancve
nvd
nvd
CVE-2018-5743
2019-10-09 16:15:13
CVE-2019-6465
2019-10-09 16:15:16
veracode
veracode
Denial Of Service (DoS)
2019-05-24 01:52:33
Denial Of Service (DoS)
2019-01-17 06:06:16
Denial Of Service (DoS)
2019-01-15 09:25:37
alpinelinux
alpinelinux
CVE-2019-6465
2019-10-09 16:15:16
CVE-2018-5740
2019-01-16 20:29:01
slackware
slackware
[slackware-security] bind
2019-06-20 18:56:39
[slackware-security] bind
2018-08-10 23:54:53
ubuntucve
ubuntucve
cve
cve
checkpoint_advisories
checkpoint_advisories
prion
prion
Design/Logic Flaw
2019-01-16 20:29:00
cvelist
cvelist
redhatcve
redhatcve
CVE-2018-5740
2022-01-13 06:42:03
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.944 High
EPSS
Percentile
99.2%
Related for SUSE_SU-2019-2502-1.NASL