Описание
Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1:9.11.3+dfsg-1ubuntu1.5 |
| cosmic | released | 1:9.11.4+dfsg-3ubuntu5.1 |
| devel | released | 1:9.11.5.P1+dfsg-1ubuntu2 |
| esm-infra-legacy/trusty | released | 1:9.9.5.dfsg-3ubuntu0.19 |
| esm-infra/bionic | released | 1:9.11.3+dfsg-1ubuntu1.5 |
| esm-infra/xenial | released | 1:9.10.3.dfsg.P4-8ubuntu1.12 |
| precise/esm | not-affected | 1:9.8.1.dfsg.P1-4ubuntu0.27 |
| trusty | released | 1:9.9.5.dfsg-3ubuntu0.19 |
| trusty/esm | released | 1:9.9.5.dfsg-3ubuntu0.19 |
| upstream | needs-triage |
Показывать по
EPSS
4.3 Medium
CVSS2
5.3 Medium
CVSS3
Связанные уязвимости
Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465.
Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465.
Controls for zone transfers may not be properly applied to Dynamically ...
Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if the zones are writable Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P2, 9.12.0 -> 9.12.3-P2, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2019-6465.
Уязвимость сервера DNS BIND, связанная с ошибкой управления передачей данных к динамическим зонам (DLZ), позволяющая нарушителю получить доступ к конфиденциальным данным
EPSS
4.3 Medium
CVSS2
5.3 Medium
CVSS3