CVE-2017-3139

High

A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit…

isc·CWE-617·Published 2019-04-09

CVSS

7.5

EPSS

0.02

KEV

Exploits

cve.orgen

211 chars

A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response.

NVDen

211 chars

NVDes

274 chars

Se encontró un fallo de denegación de servicio en la forma en que BIND maneja la comprobación de DNSSEC. Un atacante remoto podría utilizar este fallo para hacer la salida nombrada inesperadamente con un error de aserción por medio de una respuesta DNS especialmente creada.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H