fkie_cve-2019-6477
Vulnerability from fkie_nvd
Published
2019-11-26 16:15
Modified
2024-11-21 04:46
Summary
With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to handle. When a TCP connection with a large number of pipelined queries is closed, the load on the server releasing these multiple resources can cause it to become unresponsive, even for queries that can be answered authoritatively or from cache. (This is most likely to be perceived as an intermittent server problem).
References
security-officer@isc.org: http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html
security-officer@isc.org: http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html
security-officer@isc.org: https://kb.isc.org/docs/cve-2019-6477 (Third Party Advisory)
security-officer@isc.org: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3DEMNZMKR57VQJCG5ZN55ZGTQRL2TFQ/
security-officer@isc.org: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGURMGQHX45KR4QDRCSUQHODUFOGNGAN/
security-officer@isc.org: https://support.f5.com/csp/article/K15840535?utm_source=f5support&amp%3Butm_medium=RSS
security-officer@isc.org: https://www.debian.org/security/2020/dsa-4689
security-officer@isc.org: https://www.synology.com/security/advisory/Synology_SA_19_39 (Third Party Advisory)
af854a3a-2127-422b-91ae-364da2661108: http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html
af854a3a-2127-422b-91ae-364da2661108: http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html
af854a3a-2127-422b-91ae-364da2661108: https://kb.isc.org/docs/cve-2019-6477 (Third Party Advisory)
af854a3a-2127-422b-91ae-364da2661108: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3DEMNZMKR57VQJCG5ZN55ZGTQRL2TFQ/
af854a3a-2127-422b-91ae-364da2661108: https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGURMGQHX45KR4QDRCSUQHODUFOGNGAN/
af854a3a-2127-422b-91ae-364da2661108: https://support.f5.com/csp/article/K15840535?utm_source=f5support&amp%3Butm_medium=RSS
af854a3a-2127-422b-91ae-364da2661108: https://www.debian.org/security/2020/dsa-4689
af854a3a-2127-422b-91ae-364da2661108: https://www.synology.com/security/advisory/Synology_SA_19_39 (Third Party Advisory)
Impacted products
Vendor Product Version
isc bind *
isc bind *
isc bind *
isc bind 9.11.5
isc bind 9.11.6
isc bind 9.11.6
isc bind 9.11.12
isc bind 9.12.4
isc bind 9.12.4
fedoraproject fedora 30
fedoraproject fedora 31



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4D32184-BCD1-4459-8ACA-45B720B72482",
              "versionEndIncluding": "9.11.12",
              "versionStartIncluding": "9.11.7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A58BC6C1-84DF-4EF1-8B51-9F2C51784C78",
              "versionEndIncluding": "9.14.7",
              "versionStartIncluding": "9.14.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8889BE5E-3E97-401A-BC81-082F77F72576",
              "versionEndIncluding": "9.15.5",
              "versionStartIncluding": "9.15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.11.5:s6:*:*:supported_preview:*:*:*",
              "matchCriteriaId": "46E6A4BD-D69B-4A70-821D-5612DD1315EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.11.6:p1:*:*:*:*:*:*",
              "matchCriteriaId": "588F49CE-64D1-4073-928F-88D2AE5C0AB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.11.6:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "31FE272C-24BC-4B67-A664-D29F595E7071",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.11.12:s1:*:*:supported_preview:*:*:*",
              "matchCriteriaId": "3CABCB08-B838-45F7-AA87-77C6B8767DD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.12.4:p1:*:*:*:*:*:*",
              "matchCriteriaId": "E121D018-42B7-467E-9481-EDA4021401AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:isc:bind:9.12.4:p2:*:*:*:*:*:*",
              "matchCriteriaId": "343890F9-D6B4-433C-9131-9526DBB75749",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
              "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
              "matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resources than the server has been provisioned to handle. When a TCP connection with a large number of pipelined queries is closed, the load on the server releasing these multiple resources can cause it to become unresponsive, even for queries that can be answered authoritatively or from cache. (This is most likely to be perceived as an intermittent server problem)."
    },
    {
      "lang": "es",
      "value": "Con pipelining habilitada, cada consulta entrante en una conexi\u00f3n TCP requiere una asignaci\u00f3n de recursos similar a una consulta recibida por medio de UDP o TCP sin pipelining habilitada. Un cliente que utiliza una conexi\u00f3n canalizada por TCP a un servidor podr\u00eda consumir m\u00e1s recursos de los que el servidor ha sido provisionado para manejar. Cuando una conexi\u00f3n TCP con un gran n\u00famero de consultas canalizadas se cierra, la carga en el servidor que libera estos m\u00faltiples recursos puede causar que no responda, inclusive para consultas que pueden ser respondidas con autoridad o desde la memoria cach\u00e9. (Esto es muy probable que sea percibido como un problema de servidor intermitente)."
    }
  ],
  "id": "CVE-2019-6477",
  "lastModified": "2024-11-21T04:46:31.597",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "security-officer@isc.org",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-11-26T16:15:13.963",
  "references": [
    {
      "source": "security-officer@isc.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
    },
    {
      "source": "security-officer@isc.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
    },
    {
      "source": "security-officer@isc.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://kb.isc.org/docs/cve-2019-6477"
    },
    {
      "source": "security-officer@isc.org",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3DEMNZMKR57VQJCG5ZN55ZGTQRL2TFQ/"
    },
    {
      "source": "security-officer@isc.org",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGURMGQHX45KR4QDRCSUQHODUFOGNGAN/"
    },
    {
      "source": "security-officer@isc.org",
      "url": "https://support.f5.com/csp/article/K15840535?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    },
    {
      "source": "security-officer@isc.org",
      "url": "https://www.debian.org/security/2020/dsa-4689"
    },
    {
      "source": "security-officer@isc.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.synology.com/security/advisory/Synology_SA_19_39"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00041.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00044.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://kb.isc.org/docs/cve-2019-6477"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3DEMNZMKR57VQJCG5ZN55ZGTQRL2TFQ/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGURMGQHX45KR4QDRCSUQHODUFOGNGAN/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.f5.com/csp/article/K15840535?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.debian.org/security/2020/dsa-4689"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.synology.com/security/advisory/Synology_SA_19_39"
    }
  ],
  "sourceIdentifier": "security-officer@isc.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

