CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-05-09 19:17:37 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
b0e96c877abb080d7cf221c036336480ff266ccf
CVEs-PoC/2017/CVE-2017-3135.md
T
0xMarcio dd6a10065d Update CVE sources 2024-08-06 19:19
2024-08-06 19:19:10 +00:00

27 lines
2.1 KiB
Markdown
Raw Blame History

### [CVE-2017-3135](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3135)
![](https://img.shields.io/static/v1?label=Product&message=BIND%209&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=BIND%2099.8.8%2C%209.9.3-S1%20-%3E%209.9.9-S7%2C%209.9.3%20-%3E%209.9.9-P5%2C%209.9.10b1%2C%209.10.0%20-%3E%209.10.4-P5%2C%209.10.5b1%2C%209.11.0%20-%3E%209.11.0-P2%2C%209.11.1b1%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Servers%20utilizing%20both%20DNS64%20and%20RPZ%20are%20potentially%20susceptible%20to%20encountering%20this%20condition.%20%20When%20this%20condition%20occurs%2C%20it%20will%20result%20in%20either%20an%20INSIST%20assertion%20failure%20(and%20subsequent%20abort)%20or%20an%20attempt%20to%20read%20through%20a%20NULL%20pointer.%20%20On%20most%20platforms%20a%20NULL%20pointer%20read%20leads%20to%20a%20segmentation%20fault%20(SEGFAULT)%2C%20which%20causes%20the%20process%20to%20be%20terminated.%0A%0AOnly%20servers%20which%20are%20configured%20to%20simultaneously%20use%20both%20Response%20Policy%20Zones%20(RPZ)%20and%20DNS64%20(a%20method%20for%20synthesizing%20AAAA%20records%20from%20A%20records)%20can%20be%20affected%20by%20this%20vulnerability.&color=brighgreen)
### Description
Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/ALTinners/bind9
- https://github.com/AMD1212/check_debsecan
- https://github.com/ARPSyndicate/cvemon
- https://github.com/AndrewLipscomb/bind9
- https://github.com/balabit-deps/balabit-os-7-bind9
- https://github.com/balabit-deps/balabit-os-8-bind9-libs
- https://github.com/balabit-deps/balabit-os-9-bind9-libs
- https://github.com/pexip/os-bind9
- https://github.com/pexip/os-bind9-libs
- https://github.com/psmedley/bind-os2
Reference in New Issue View Git Blame Copy Permalink