By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -> 9.11.5-S3, and 9.11.5-S5. Versions 9.13.0 -> 9.13.7 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5743.
{
"unresolved_ranges": [
{
"cpe": "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "11.5.2"
},
{
"last_affected": "11.6.5"
},
{
"introduced": "12.1.0"
},
{
"last_affected": "12.1.4"
},
{
"introduced": "13.1.0"
},
{
"last_affected": "13.1.1"
},
{
"introduced": "14.0.0"
},
{
"last_affected": "14.1.0"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:big-ip_access_policy_manager:15.0.0:*:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "15.0.0"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "11.5.2"
},
{
"last_affected": "11.6.5"
},
{
"introduced": "12.1.0"
},
{
"last_affected": "12.1.4"
},
{
"introduced": "13.1.0"
},
{
"last_affected": "13.1.1"
},
{
"introduced": "14.0.0"
},
{
"last_affected": "14.1.0"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.0.0:*:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "15.0.0"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "11.5.2"
},
{
"last_affected": "11.6.5"
},
{
"introduced": "12.1.0"
},
{
"last_affected": "12.1.4"
},
{
"introduced": "13.0.0"
},
{
"last_affected": "13.1.1"
},
{
"introduced": "14.0.0"
},
{
"last_affected": "14.1.0"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:big-ip_analytics:15.0.0:*:*:*:*:*:*:*",
"source": "CPE_FIELD",
"extracted_events": [
{
"last_affected": "15.0.0"
}
]
},
{
"cpe": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "11.5.2"
},
{
"last_affected": "11.6.5"
},
{
"introduced": "12.1.0"
},
{
"last_affected": "12.1.4"
},
{
"introduced": "13.0.0"
},
{
"last_affected": "13.1.1"
},
{
"introduced": "14.0.0"
},
{
"last_affected": "14.1.0"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.0.0:*:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "15.0.0"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "11.5.2"
},
{
"last_affected": "11.6.5"
},
{
"introduced": "12.1.0"
},
{
"last_affected": "12.1.4"
},
{
"introduced": "13.0.0"
},
{
"last_affected": "13.1.1"
},
{
"introduced": "14.0.0"
},
{
"last_affected": "14.1.1"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:big-ip_application_security_manager:15.0.0:*:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "15.0.0"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
"source": "CPE_FIELD",
"extracted_events": [
{
"introduced": "11.5.2"
},
{
"last_affected": "11.6.5"
},
{
"introduced": "12.1.0"
},
{
"last_affected": "12.1.4"
},
{
"introduced": "13.1.0"
},
{
"last_affected": "13.1.1"
},
{
"introduced": "14.0.0"
},
{
"last_affected": "14.1.0"
}
]
},
{
"cpe": "cpe:2.3:a:f5:big-ip_domain_name_system:15.0.0:*:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "15.0.0"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "11.5.2"
},
{
"last_affected": "11.6.5"
},
{
"introduced": "12.1.0"
},
{
"last_affected": "12.1.4"
},
{
"introduced": "13.0.0"
},
{
"last_affected": "13.1.1"
},
{
"introduced": "14.0.0"
},
{
"last_affected": "14.1.0"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:big-ip_edge_gateway:15.0.0:*:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "15.0.0"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "11.5.2"
},
{
"last_affected": "11.6.5"
},
{
"introduced": "12.1.0"
},
{
"last_affected": "12.1.4"
},
{
"introduced": "13.0.0"
},
{
"last_affected": "13.1.1"
},
{
"introduced": "14.0.0"
},
{
"last_affected": "14.1.0"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:big-ip_fraud_protection_service:15.0.0:*:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "15.0.0"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "11.5.2"
},
{
"last_affected": "11.6.5"
},
{
"introduced": "12.1.0"
},
{
"last_affected": "12.1.4"
},
{
"introduced": "13.0.0"
},
{
"last_affected": "13.1.1"
},
{
"introduced": "14.0.0"
},
{
"last_affected": "14.1.0"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:big-ip_global_traffic_manager:15.0.0:*:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "15.0.0"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"source": "CPE_FIELD",
"extracted_events": [
{
"introduced": "11.5.2"
},
{
"last_affected": "11.6.5"
},
{
"introduced": "12.1.0"
},
{
"last_affected": "12.1.4"
},
{
"introduced": "13.0.0"
},
{
"last_affected": "13.1.1"
},
{
"introduced": "14.0.0"
},
{
"last_affected": "14.1.0"
}
]
},
{
"cpe": "cpe:2.3:a:f5:big-ip_link_controller:15.0.0:*:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "15.0.0"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
"source": "CPE_FIELD",
"extracted_events": [
{
"introduced": "11.5.2"
},
{
"last_affected": "11.6.5"
},
{
"introduced": "12.1.0"
},
{
"last_affected": "12.1.4"
},
{
"introduced": "13.0.0"
},
{
"last_affected": "13.1.1"
},
{
"introduced": "14.0.0"
},
{
"last_affected": "14.1.0"
}
]
},
{
"cpe": "cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.0:*:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "15.0.0"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "11.5.2"
},
{
"last_affected": "11.6.5"
},
{
"introduced": "12.1.0"
},
{
"last_affected": "12.1.4"
},
{
"introduced": "13.1.0"
},
{
"last_affected": "13.1.1"
},
{
"introduced": "14.0.0"
},
{
"last_affected": "14.1.0"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.0.0:*:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "15.0.0"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "11.5.2"
},
{
"last_affected": "11.6.5"
},
{
"introduced": "12.1.0"
},
{
"last_affected": "12.1.4"
},
{
"introduced": "13.1.0"
},
{
"last_affected": "13.1.1"
},
{
"introduced": "14.0.0"
},
{
"last_affected": "14.1.0"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:big-ip_webaccelerator:15.0.0:*:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "15.0.0"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
"source": "CPE_FIELD",
"extracted_events": [
{
"introduced": "5.0.0"
},
{
"last_affected": "5.4.0"
},
{
"introduced": "6.0.0"
},
{
"last_affected": "6.1.0"
}
]
},
{
"cpe": "cpe:2.3:a:f5:enterprise_manager:3.1.1:*:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "3.1.1"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:f5:iworkflow:2.3.0:*:*:*:*:*:*:*",
"extracted_events": [
{
"last_affected": "2.3.0"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:isc:bind:9.10.8:p1:*:*:*:*:*:*",
"source": "CPE_FIELD",
"extracted_events": [
{
"last_affected": "9.10.8-p1"
}
]
},
{
"cpe": "cpe:2.3:a:isc:bind:9.11.5:s3:*:*:supported_preview:*:*:*",
"extracted_events": [
{
"last_affected": "9.11.5-s3"
}
],
"source": "CPE_FIELD"
},
{
"cpe": "cpe:2.3:a:isc:bind:9.11.5:s5:*:*:supported_preview:*:*:*",
"extracted_events": [
{
"last_affected": "9.11.5-s5"
}
],
"source": "CPE_FIELD"
}
]
}{
"cpe": [
"cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"cpe:2.3:a:isc:bind:9.9.3:s1:*:*:supported_preview:*:*:*",
"cpe:2.3:a:isc:bind:9.14.0:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "9.9.0"
},
{
"last_affected": "9.10.8"
},
{
"introduced": "9.11.0"
},
{
"last_affected": "9.11.6"
},
{
"introduced": "9.12.0"
},
{
"last_affected": "9.12.4"
},
{
"introduced": "9.13.0"
},
{
"last_affected": "9.13.7"
},
{
"introduced": "0"
},
{
"last_affected": "9.9.3-s1"
},
{
"last_affected": "9.14.0"
}
],
"source": "CPE_FIELD"
}