CVE-2018-5740
- Source
- https://cve.org/CVERecord?id=CVE-2018-5740
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-5740.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-5740
- Downstream
- Related
- Published
- 2019-01-16T20:29:01.017Z
- Modified
- 2026-03-10T14:43:08.657425Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2.
- References
-
- https://lists.debian.org/debian-lts-announce/2018/08/msg00033.html
- https://security.gentoo.org/glsa/201903-13
- https://usn.ubuntu.com/3769-1/
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00027.html
- https://kb.isc.org/docs/aa-01639
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00026.html
- http://www.securitytracker.com/id/1041436
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03927en_us
- https://access.redhat.com/errata/RHSA-2018:2571
- https://lists.debian.org/debian-lts-announce/2021/11/msg00001.html
- https://security.netapp.com/advisory/ntap-20180926-0003/
- https://usn.ubuntu.com/3769-2/
- http://www.securityfocus.com/bid/105055
- https://access.redhat.com/errata/RHSA-2018:2570
Affected packages
Git / github.com/isc-projects/bind9
Affected ranges
- Type
- GIT
- Repo
- https://github.com/isc-projects/bind9
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affectedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "0" }, { "last_affected": "6.0" }, { "introduced": "0" }, { "last_affected": "6.0" }, { "introduced": "0" }, { "last_affected": "7.5" }, { "introduced": "0" }, { "last_affected": "6.0" }, { "introduced": "0" }, { "last_affected": "8.0" } ] }
- Type
- GIT
- Repo
- https://gitlab.isc.org/isc-projects/bind9
- Events
-
IntroducedFixedIntroducedFixedIntroducedFixedIntroducedFixedIntroducedFixedIntroducedFixedIntroduced0 Unknown introduced commit / All previous commits are affectedLast affected
- Database specific
{ "versions": [ { "introduced": "9.7.0" }, { "fixed": "9.8.8" }, { "introduced": "9.9.0" }, { "fixed": "9.9.13" }, { "introduced": "9.10.0" }, { "fixed": "9.10.8" }, { "introduced": "9.11.0" }, { "fixed": "9.11.4" }, { "introduced": "9.12.0" }, { "fixed": "9.12.2" }, { "introduced": "9.13.0" }, { "fixed": "9.13.2" }, { "introduced": "0" }, { "last_affected": "9.0" } ] }
Affected versions
Other
ondrej/008bfb6249a5f81d9e02ad4d39fda63fab57a0ad
ondrej/00ce93a69cd809810b82dbb229abf59d8e5850cc
ondrej/1a1413ff5910ace7919bb8db0a1bb1f6e9c9ff7d
ondrej/4d292fc37ff5e99462756352c6028af7d0becf74
ondrej/6d06e7e7e585e30b419e4e20815cb8233c48f7b1
ondrej/6d1fdb850516a8d1fbfa853c56a1ef7627d54a72
ondrej/761b47a64845cb647d4fa3362be538eb0e7174d9
ondrej/840e56a979c3719ded668d5aaa04b1bddce465ef
ondrej/a42afbce2e34a5f990517fee7eab013c4adb8c0a
ondrej/a5f554959ec531712f6e14a8cb8c90d87cc27932
ondrej/b177581bb230d89821d1e2e5e91f93bee3fc4192
ondrej/be1e6499742e241d71c7e79434e278a0c89d141b
ondrej/c63b7fad498dbe56710b655bd296a58abba64bb8
ondrej/d7e5f7903de06e504aac4a3822a41d69e159e370
ondrej/fb07c38697c9f4f76dcb921487c4f96813c99b69
v9.*
v9.10.0a1
v9.10.0a2
v9.10.0b1
v9.10.0b2
v9.10.0rc1
v9.11.0a1
v9.11.0a2
v9.11.0a3
v9.12.0a1
v9.12.0b1
v9.12.0b2
v9.12.0rc1
v9.13.0
v9.13.2
v9.13.3
v9.13.4
v9.13.5
v9.13.6
v9.15.0
v9.15.2
v9.15.3
v9.15.4
v9.15.5
v9.15.6
v9.15.7
v9.15.8
v9.17.4
v9.19.0
v9.19.1
v9.19.10
v9.19.11
v9.19.12
v9.19.13
v9.19.14
v9.19.15
v9.19.16
v9.19.17
v9.19.18
v9.19.19
v9.19.2
v9.19.21
v9.19.22
v9.19.23
v9.19.24
v9.19.3
v9.19.4
v9.19.5
v9.19.6
v9.19.7
v9.19.8
v9.19.9
v9.20.0
v9.5.0a1
v9.5.0a2
v9.5.0a3
v9.5.0a4
v9.5.0a5
v9.5.0a6
v9.7.0a1
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-5740.json"
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "7.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "12.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "14.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "16.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "18.04"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "15.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "15.1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "42.3"
}
]
}
]