Windows service and uninstall paths are not quoted when BIND is installed

CVE-2017-3141

7.2HIGH

Key Information

Vendor: Isc
Status: Bind 9
Vendor: CVE Published:; 16 January 2019

Badges

👾 Exploit Exists

Summary

The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2->9.2.9, 9.3.2-P1->9.3.6, 9.4.0->9.8.8, 9.9.0->9.9.10, 9.10.0->9.10.5, 9.11.0->9.11.1, 9.9.3-S1->9.9.10-S1, 9.10.5-S1.

Affected Version(s)

BIND 9 = 9.2.6-P2->9.2.9, 9.3.2-P1->9.3.6, 9.4.0->9.8.8, 9.9.0->9.9.10, 9.10.0->9.10.5, 9.11.0->9.11.1, 9.9.3-S1->9.9.10-S1, 9.10.5-S1

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Timeline

👾
Exploit exists.
Aug 5, 2024
Risk change from: 7.8 to: 7.2 - (HIGH)
Feb 22, 2024
Vulnerability published.
Jan 16, 2019
Vulnerability Reserved.
Dec 2, 2016

Collectors

NVD DatabaseMitre Database

Credit

ISC would like to thank John Page aka hyp3rlinx for reporting this issue.