ISC BIND CVE-2017-3137 Remote Denial of Service Vulnerability

ISC BIND is prone to a remote denial-of-service vulnerability.

An attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users.

ISC BIND versions 9.9.9-P6, 9.9.10b1 through 9.9.10rc1, 9.10.4-P6, 9.10.5b1 through 9.10.5rc1, 9.11.0-P3, 9.11.1b1 through 9.11.1rc1, and 9.9.9-S8 are vulnerable.

Information

Bugtraq ID: 97651
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2017-3137

Remote: Yes
Local: No
Published: Apr 12 2017 12:00AM
Updated: Apr 14 2017 03:05PM
Credit: The vendor reported this issue.
Vulnerable: SuSE Linux Enterprise Software Development Kit 12 SP2
SuSE Linux Enterprise Software Development Kit 12 SP1
SuSE Linux Enterprise Server for SAP 12
SuSE Linux Enterprise Server for Raspberry Pi 12-SP2
SuSE Linux Enterprise Server 12-SP2
SuSE Linux Enterprise Server 12-SP1
SuSE Linux Enterprise Server 12-LTSS
SuSE Linux Enterprise Desktop 12-SP2
SuSE Linux Enterprise Desktop 12-SP1

Not Vulnerable:

References:

• ISC BIND Homepage (ISC)
  
• CVE-2017-3137: A response packet can cause a resolver to terminate when processi (ISC BIND)
  

Source: www.securityfocus.com