CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-05-10 07:47:42 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
b0e96c877abb080d7cf221c036336480ff266ccf
CVEs-PoC/2017/CVE-2017-3140.md
T
0xMarcio dd6a10065d Update CVE sources 2024-08-06 19:19
2024-08-06 19:19:10 +00:00

26 lines
2.3 KiB
Markdown
Raw Blame History

### [CVE-2017-3140](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3140)
![](https://img.shields.io/static/v1?label=Product&message=BIND%209&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=A%20server%20is%20potentially%20vulnerable%20to%20degradation%20of%20service%20if%0A%0A%20%20%20%20the%20server%20is%20configured%20to%20use%20RPZ%2C%0A%20%20%20%20the%20server%20uses%20NSDNAME%20or%20NSIP%20policy%20rules%2C%20and%0A%20%20%20%20an%20attacker%20can%20cause%20the%20server%20to%20process%20a%20specific%20query%0A%0ASuccessful%20exploitation%20of%20this%20condition%20will%20cause%20named%20to%20enter%20a%20state%20where%20it%20continues%20to%20loop%20while%20processing%20the%20query%20without%20ever%20reaching%20an%20end%20state.%20While%20in%20this%20state%2C%20named%20repeatedly%20queries%20the%20same%20sets%20of%20authoritative%20nameservers%20and%20this%20behavior%20will%20usually%20persist%20indefinitely%20beyond%20the%20normal%20client%20query%20processing%20timeout.%20By%20triggering%20this%20condition%20multiple%20times%2C%20an%20attacker%20could%20cause%20a%20deliberate%20and%20substantial%20degradation%20in%20service.%0A%0AOperators%20of%20servers%20that%20meet%20the%20above%20conditions%201.%20and%202.%20may%20also%20accidentally%20encounter%20this%20defect%20during%20normal%20operation.%20%20It%20is%20for%20this%20reason%20that%20the%20decision%20was%20made%20to%20issue%20this%20advisory%20despite%20its%20low%20CVSS%20score.&color=brighgreen)
### Description
If named is configured to use Response Policy Zones (RPZ) an error processing some rule types can lead to a condition where BIND will endlessly loop while handling a query. Affects BIND 9.9.10, 9.10.5, 9.11.0->9.11.1, 9.9.10-S1, 9.10.5-S1.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/ALTinners/bind9
- https://github.com/ARPSyndicate/cvemon
- https://github.com/AndrewLipscomb/bind9
- https://github.com/balabit-deps/balabit-os-7-bind9
- https://github.com/balabit-deps/balabit-os-8-bind9-libs
- https://github.com/balabit-deps/balabit-os-9-bind9-libs
- https://github.com/pexip/os-bind9
- https://github.com/pexip/os-bind9-libs
- https://github.com/psmedley/bind-os2
Reference in New Issue View Git Blame Copy Permalink