
[Vulnerability notice] CVE-2017-3143: Security bypass vulnerability in BIND

Last Updated: May 04, 2018

On June 29, 2017, a security bypass vulnerability caused by improper design was detected in ISC BIND. An attacker who exploits it can send messages to and receive messages from an authoritative DNS server, perform dynamic updates of the target services without authorization, and go on to launch further attacks such as virus injection. The vulnerability poses a serious security risk to affected services.

See the following for more information about the vulnerability.


CVE identifier: CVE-2017-3143

Vulnerability name: BIND security bypass vulnerability

Vulnerability rating: High

Vulnerability description: Attackers can send messages to and receive messages from an authoritative DNS server, perform dynamic updates of the target services without authorization, and inject viruses into the target server, causing a serious security risk.

Condition and method of exploitation: Remote exploitation.

Affected scope

  • BIND 9.4.0 to 9.8.8
  • BIND 9.9
    • 9.9.0 to 9.9.10-P1
    • 9.9.3-S1 to 9.9.10-S2
  • BIND 9.10
    • 9.10.0 to 9.10.5-P1
    • 9.10.5-S1 to 9.10.5-S2
  • BIND 9.11
    • 9.11.0 to 9.11.1-P1

Vulnerability detection

Run the named -V command on the server and compare the reported version against the affected versions listed above.
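The version check described above, carried out as a script. This is an added example, not ISC's or the notice author's tooling: it parses the version that named -V reports (including distribution suffixes such as -P4-Ubuntu) into a sortable key and tests it against the ranges from the Affected scope section. The notice gives no patch-level bound for the 9.8 branch, so the script treats every 9.8.8-Pn build as affected; that is an assumption made here. The sample version string used when named is not installed is constructed.

```shell
#!/bin/sh
# Added example (not ISC's or the notice author's tooling): turn the version
# that `named -V` reports into a sortable key and test it against the affected
# ranges listed in this notice. Plain POSIX sh, no external tools needed.

# version_key VERSION -> MAJOR*1000000 + MINOR*10000 + PATCH*100 + LEVEL
# LEVEL is the number after -P or -S (0 when absent). Distribution suffixes
# such as "-1ubuntu1.15-Ubuntu" or "-P4-Ubuntu" are tolerated.
version_key() {
    ver=$1
    base=${ver%%-*}                  # "9.10.5-P1" -> "9.10.5"
    rest=${ver#"$base"}              # "-P1", "-S2", "-1ubuntu1" or ""
    oldifs=$IFS; IFS=.; set -- $base; IFS=$oldifs
    major=$1; minor=${2:-0}; patch=${3:-0}
    patch=${patch%%[!0-9]*}          # drop "b1"/"rc1" style markers
    level=0
    case $rest in
        -P[0-9]*) level=${rest#-P}; level=${level%%[!0-9]*} ;;
        -S[0-9]*) level=${rest#-S}; level=${level%%[!0-9]*} ;;
    esac
    echo $(( major * 1000000 + minor * 10000 + ${patch:-0} * 100 + level ))
}

# version_kind VERSION -> "S" for -S builds, "P" for plain and -P builds
version_kind() {
    case ${1#"${1%%-*}"} in
        -S[0-9]*) echo S ;;
        *)        echo P ;;
    esac
}

# in_range KEY LOW HIGH -> true when LOW <= KEY <= HIGH (LOW/HIGH are version strings)
in_range() {
    [ "$1" -ge "$(version_key "$2")" ] && [ "$1" -le "$(version_key "$3")" ]
}

# bind_version_affected VERSION -> prints "affected" or "not affected"
bind_version_affected() {
    key=$(version_key "$1")
    hit=1
    if [ "$(version_kind "$1")" = S ]; then
        # -S ranges from the Affected scope section
        if in_range "$key" 9.9.3-S1 9.9.10-S2 || in_range "$key" 9.10.5-S1 9.10.5-S2; then
            hit=0
        fi
    else
        # Plain and -P ranges from the Affected scope section. The notice gives
        # no patch-level bound for 9.8.8, so every 9.8.8-Pn is treated as
        # affected (assumption made here, written as the bound 9.8.8-P99).
        if in_range "$key" 9.4.0 9.8.8-P99 ||
           in_range "$key" 9.9.0 9.9.10-P1 ||
           in_range "$key" 9.10.0 9.10.5-P1 ||
           in_range "$key" 9.11.0 9.11.1-P1; then
            hit=0
        fi
    fi
    [ $hit -eq 0 ] && echo affected || echo "not affected"
}

# check_installed_bind -> reads the first line of `named -V`
# ("BIND 9.10.3-P4-Ubuntu <id:...> ...") and reports on its second field.
check_installed_bind() {
    line=$(named -V 2>/dev/null | head -n 1)
    set -- $line
    if [ "${1:-}" != BIND ]; then
        echo "could not parse named -V output" >&2
        return 2
    fi
    echo "BIND $2: $(bind_version_affected "$2")"
}

# Report on the local server when named is installed; otherwise run the
# classifier on a constructed sample version string.
if command -v named >/dev/null 2>&1; then
    check_installed_bind
else
    echo "9.10.3-P4-Ubuntu (constructed sample): $(bind_version_affected 9.10.3-P4-Ubuntu)"
fi
```

One caveat when reading the result: distribution packages (Debian, Red Hat, SUSE) often backport the fix without changing the upstream version string, so a version that this check reports as affected should be confirmed against the distribution's own advisory before concluding the server is vulnerable.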

How to fix or mitigate

  • ISC has released fixed versions on its official website. We recommend that you upgrade BIND to the latest version.

  • Configure ACLs in BIND so that only trusted servers and users can send dynamic updates to and access the server.
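An illustration of the ACL recommendation above as a named.conf fragment. This is an added example, not configuration from the notice or from ISC: the zone name, addresses, ACL names and key name are placeholders, and the secret is a placeholder to be replaced with the output of tsig-keygen. Because the notice describes a bypass of the server's update authorization, a configuration like this is defense in depth for the window before the upgrade, not a substitute for it.

```conf
// BEFORE (weak): dynamic updates are accepted from any client that can reach
// the server. Shown commented out so the fragment loads as a whole.
//   zone "example.test" {
//       type master;
//       file "example.test.zone";
//       allow-update { any; };
//   };

// AFTER (restricted): only updates signed with ddns-key are accepted, and
// zone transfers are limited to the listed secondaries. Placeholder
// addresses from the documentation range 192.0.2.0/24.
acl "secondaries" { 192.0.2.53; };

key "ddns-key" {
    algorithm hmac-sha256;
    // placeholder, not a real key: generate one with `tsig-keygen ddns-key`
    secret "REPLACE-WITH-OUTPUT-OF-tsig-keygen";
};

zone "example.test" {
    type master;
    file "example.test.zone";
    allow-update   { key "ddns-key"; };
    allow-transfer { secondaries; };
};
```

Pair the key requirement with network-level filtering so that update traffic is only reachable from the hosts that legitimately send it, and rotate the key if the server ran an affected version while exposed.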

Reference

[1] http://www.securityfocus.com/bid/99337/info
[2] https://www.isc.org/downloads/software-support-policy/security-advisory/
[3] https://kb.isc.org/article/AA-00913/216/BIND-9-Security-Vulnerability-Matrix.html
[4] Debian
[5] Red Hat Enterprise Linux/CentOS
[6] OpenSUSE