#VU16033 Security restrictions bypass in ISC BIND - CVE-2018-5741


| Updated: 2018-11-24

Vulnerability identifier: #VU16033

Vulnerability risk: Low

CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-5741

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
ISC BIND
Server applications / DNS servers

Vendor: ISC

Description
The vulnerability allows a remote authenticated attacker to bypass security restrictions on the target system.

The vulnerability exists due to an error in the documentation of the 'update-policy' feature for the 'krb5-subdomain' and 'ms-subdomain' update policies. A remote attacker can bypass security restrictions to modify records in the zone at or below the name specified in the name field.

Mitigation
The vulnerability has been addressed in the versions 9.11.5, 9.12.3.

Vulnerable software versions

ISC BIND: 9.11.0 rc1 - 9.12.2

External links
https://kb.isc.org/docs/cve-2018-5741

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data update for ISC BIND
Multiple vulnerabilities in Dell EMC Data Computing Appliance (DCA)
OpenSUSE Linux update for bind
OpenSUSE Linux update for bind
Red Hat update for bind
Amazon Linux AMI update for bind
Gentoo update for BIND
Security restrictions bypass in bind (Alpine package)
Security restrictions bypass in ISC BIND