An error in the nxdomain redirect feature can cause BIND to exit with an INSIST assertion failure in query.c
CVE-2019-6467
Key Information
- Vendor
- Isc
- Status
- Bind 9
- Vendor
- CVE Published:
- 24 April 2019
Badges
Summary
A programming error in the nxdomain-redirect feature can cause an assertion failure in query.c if the alternate namespace used by nxdomain-redirect is a descendant of a zone that is served locally. The most likely scenario where this might occur is if the server, in addition to performing NXDOMAIN redirection for recursive clients, is also serving a local copy of the root zone or using mirroring to provide the root zone, although other configurations are also possible. Versions affected: BIND 9.12.0-> 9.12.4, 9.14.0. Also affects all releases in the 9.13 development branch.
Affected Version(s)
BIND 9 BIND 9.12.0-> 9.12.4, 9.14.0. Also affects all releases in the 9.13 development branch.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V3.1
Timeline
- π‘
Public PoC available
- πΎ
Exploit known to exist
Vulnerability published
Vulnerability Reserved