CVE-2019-6471 Vulnerability Details

  /     /     /  

CVE-2019-6471 Metadata Quick Info

CVE Published: 09/10/2019 | CVE Updated: 17/09/2024 | CVE Year: 2019
Source: isc | Vendor: ISC | Product: BIND 9
Status : PUBLISHED

---

CVE-2019-6471 Description

A race condition which may occur when discarding malformed packets can result in BIND exiting due to a REQUIRE assertion failure in dispatch.c. Versions affected: BIND 9.11.0 -> 9.11.7, 9.12.0 -> 9.12.4-P1, 9.14.0 -> 9.14.2. Also all releases of the BIND 9.13 development branch and version 9.15.0 of the BIND 9.15 development branch and BIND Supported Preview Edition versions 9.11.3-S1 -> 9.11.7-S1.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: An attacker who can cause a resolver to perform queries which will be answered by a server which responds with deliberately malformed answers can cause named to exit, denying service to clients.
Source: ISC

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).